VulnerableCode Package Details - pkg:pypi/ansible-core@2.8.0

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:pypi/ansible-core@2.8.0

Essentials
History (2)

purl	pkg:pypi/ansible-core@2.8.0
Tags	Ghost

Next non-vulnerable version	2.16.14rc1
Latest non-vulnerable version	2.18.1rc1
Risk	3.3

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-w8qm-73f3-rkbm Aliases: CVE-2023-4237 GHSA-ww3m-ffrm-qvqv	Ansible may expose private key A flaw was found in the Ansible Automation Platform. When creating a new keypair, the ec2_key module prints out the private key directly to the standard output. This flaw allows an attacker to fetch those keys from the log files, compromising the system's confidentiality, integrity, and availability.	2.15.3rc1 Affected by 5 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-02T17:00:22.138975+00:00	GHSA Importer	Affected by	VCID-w8qm-73f3-rkbm	https://github.com/advisories/GHSA-ww3m-ffrm-qvqv	38.1.0
2026-04-01T12:51:53.710004+00:00	GitLab Importer	Affected by	VCID-w8qm-73f3-rkbm	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/ansible-core/CVE-2023-4237.yml	38.0.0