Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:pypi/ansible@3.0.0rc1
purl pkg:pypi/ansible@3.0.0rc1
Next non-vulnerable version 12.0.0
Latest non-vulnerable version 12.2.0
Risk 3.1
Vulnerabilities affecting this package (3)
Vulnerability Summary Fixed by
VCID-4yvf-k192-9fca
Aliases:
CVE-2021-3533
PYSEC-2021-126
A flaw was found in Ansible if an ansible user sets ANSIBLE_ASYNC_DIR to a subdirectory of a world writable directory. When this occurs, there is a race condition on the managed machine. A malicious, non-privileged account on the remote machine can exploit the race condition to access the async result data. This flaw affects Ansible Tower 3.7 and Ansible Automation Platform 1.2.
3.0.0
Affected by 2 other vulnerabilities.
VCID-qbdk-hxhg-wbh4
Aliases:
CVE-2025-14010
GHSA-8ggh-xwr9-3373
Ansible Community General Collection is vulnerable to exposure of sensitive information A flaw was found in ansible-collection-community-general. This vulnerability allows for information exposure (IE) of sensitive credentials, specifically plaintext passwords, via verbose output when running Ansible with debug modes. Attackers with access to logs could retrieve these secrets and potentially compromise Keycloak accounts or administrative access.
12.0.0
Affected by 0 other vulnerabilities.
12.2.0
Affected by 0 other vulnerabilities.
VCID-ujbp-cc1r-wfe9
Aliases:
CVE-2023-5115
GHSA-jpvw-p8pr-9g2x
Ansible symlink attack vulnerability An absolute path traversal attack exists in the Ansible automation platform. This flaw allows an attacker to craft a malicious Ansible role and make the victim execute the role. A symlink can be used to overwrite a file outside of the extraction path.
8.5.0
Affected by 1 other vulnerability.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-17T00:01:44.971846+00:00 GitLab Importer Affected by VCID-qbdk-hxhg-wbh4 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/ansible/CVE-2025-14010.yml 38.4.0
2026-04-16T22:47:16.544485+00:00 GitLab Importer Affected by VCID-ujbp-cc1r-wfe9 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/ansible/CVE-2023-5115.yml 38.4.0
2026-04-12T01:24:42.777290+00:00 GitLab Importer Affected by VCID-qbdk-hxhg-wbh4 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/ansible/CVE-2025-14010.yml 38.3.0
2026-04-12T00:07:02.086447+00:00 GitLab Importer Affected by VCID-ujbp-cc1r-wfe9 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/ansible/CVE-2023-5115.yml 38.3.0
2026-04-03T01:33:20.320401+00:00 GitLab Importer Affected by VCID-qbdk-hxhg-wbh4 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/ansible/CVE-2025-14010.yml 38.1.0
2026-04-03T00:11:41.309691+00:00 GitLab Importer Affected by VCID-ujbp-cc1r-wfe9 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/ansible/CVE-2023-5115.yml 38.1.0
2026-04-01T15:09:46.127928+00:00 PyPI Importer Affected by VCID-4yvf-k192-9fca https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip 38.0.0
2026-04-01T12:46:05.308276+00:00 Pypa Importer Affected by VCID-4yvf-k192-9fca https://github.com/pypa/advisory-database/blob/main/vulns/ansible/PYSEC-2021-126.yaml 38.0.0