Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/ansible@1.9.2%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/ansible@1.9.2%2Bdfsg-1?distro=trixie
Vulnerabilities affecting this package (0)
Vulnerability Summary Fixed by
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (2)
Vulnerability Summary Aliases
VCID-hnjw-vehk-2fdd Ansible before 1.9.2 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. CVE-2015-3908
GHSA-w64c-pxjj-h866
PYSEC-2015-1
VCID-ynmp-3yfy-sfc1 The chroot, jail, and zone connection plugins in ansible before 1.9.2 allow local users to escape a restricted environment via a symlink attack. CVE-2015-6240
GHSA-wwwh-47wp-m522
PYSEC-2017-3

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T11:53:52.795902+00:00 Debian Importer Fixing VCID-hnjw-vehk-2fdd https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T10:17:17.998962+00:00 Debian Importer Fixing VCID-ynmp-3yfy-sfc1 https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-13T08:07:19.909591+00:00 Debian Importer Fixing VCID-hnjw-vehk-2fdd https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T06:55:19.944505+00:00 Debian Importer Fixing VCID-ynmp-3yfy-sfc1 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-02T17:13:02.848631+00:00 Debian Importer Fixing VCID-hnjw-vehk-2fdd https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-02T17:07:37.387300+00:00 Debian Importer Fixing VCID-ynmp-3yfy-sfc1 https://security-tracker.debian.org/tracker/data/json 38.1.0