Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:pypi/ansible-core@2.0
purl pkg:pypi/ansible-core@2.0
Tags Ghost
Next non-vulnerable version 2.16.14rc1
Latest non-vulnerable version 2.18.1rc1
Risk 4.0
Vulnerabilities affecting this package (2)
Vulnerability Summary Fixed by
VCID-2evu-1apv-eqby
Aliases:
CVE-2021-4112
ansible-tower: Privilege escalation via job isolation escape
2.11.0
Affected by 6 other vulnerabilities.
VCID-geaa-6dxx-tbcw
Aliases:
CVE-2021-3620
GHSA-4r65-35qq-ch8j
PYSEC-2022-164
A flaw was found in Ansible Engine's ansible-connection module, where sensitive information such as the Ansible user credentials is disclosed by default in the traceback error message. The highest threat from this vulnerability is to confidentiality.
2.11.0
Affected by 6 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-03T21:27:31.170491+00:00 GitLab Importer Affected by VCID-2evu-1apv-eqby https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/ansible-core/CVE-2021-4112.yml 38.1.0
2026-04-01T12:49:37.911961+00:00 GitLab Importer Affected by VCID-geaa-6dxx-tbcw https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/ansible-core/CVE-2021-3620.yml 38.0.0