Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:pypi/ansible-core@2.16.1
Typepypi
Namespace
Nameansible-core
Version2.16.1
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version2.16.3
Latest_non_vulnerable_version2.16.3
Affected_by_vulnerabilities
0
url VCID-d5za-vy85-j3he
vulnerability_id VCID-d5za-vy85-j3he
summary An information disclosure flaw was found in ansible-core due to a failure to respect the ANSIBLE_NO_LOG configuration in some scenarios. It was discovered that information is still included in the output in certain tasks, such as loop items. Depending on the task, this issue may include sensitive information, such as decrypted secret values.
references
0
reference_url https://access.redhat.com/errata/RHSA-2024:0733
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/errata/RHSA-2024:0733
1
reference_url https://access.redhat.com/errata/RHSA-2024:2246
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2246
2
reference_url https://access.redhat.com/errata/RHSA-2024:3043
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:3043
3
reference_url https://access.redhat.com/security/cve/CVE-2024-0690
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/security/cve/CVE-2024-0690
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2259013
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
url https://bugzilla.redhat.com/show_bug.cgi?id=2259013
5
reference_url https://github.com/ansible/ansible
reference_id
reference_type
scores
url https://github.com/ansible/ansible
6
reference_url https://github.com/ansible/ansible/commit/6935c8e303440addd3871ecf8e04bde61080b032
reference_id
reference_type
scores
url https://github.com/ansible/ansible/commit/6935c8e303440addd3871ecf8e04bde61080b032
7
reference_url https://github.com/ansible/ansible/commit/78db3a3de6b40fb52d216685ae7cb903c609c3e1
reference_id
reference_type
scores
url https://github.com/ansible/ansible/commit/78db3a3de6b40fb52d216685ae7cb903c609c3e1
8
reference_url https://github.com/ansible/ansible/commit/b9a03bbf5a63459468baf8895ff74a62e9be4532
reference_id
reference_type
scores
url https://github.com/ansible/ansible/commit/b9a03bbf5a63459468baf8895ff74a62e9be4532
9
reference_url https://github.com/ansible/ansible/commit/beb04bc2642c208447c5a936f94310528a1946b1
reference_id
reference_type
scores
url https://github.com/ansible/ansible/commit/beb04bc2642c208447c5a936f94310528a1946b1
10
reference_url https://github.com/ansible/ansible/pull/82565
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
url https://github.com/ansible/ansible/pull/82565
11
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/ansible-core/PYSEC-2024-36.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/ansible-core/PYSEC-2024-36.yaml
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IZQGCRDSZL7ONCULMB6ZUHOE4L44KIBP
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IZQGCRDSZL7ONCULMB6ZUHOE4L44KIBP
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VDYSWOCPZMNRU5LWKIEBW4WGWLMTU7WQ
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VDYSWOCPZMNRU5LWKIEBW4WGWLMTU7WQ
14
reference_url https://security.netapp.com/advisory/ntap-20250117-0001
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20250117-0001
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-0690
reference_id CVE-2024-0690
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2024-0690
16
reference_url https://github.com/advisories/GHSA-h24r-m9qc-pvpg
reference_id GHSA-h24r-m9qc-pvpg
reference_type
scores
url https://github.com/advisories/GHSA-h24r-m9qc-pvpg
fixed_packages
0
url pkg:pypi/ansible-core@2.16.3
purl pkg:pypi/ansible-core@2.16.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible-core@2.16.3
aliases CVE-2024-0690, GHSA-h24r-m9qc-pvpg, PYSEC-2024-36
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-d5za-vy85-j3he
Fixing_vulnerabilities
0
url VCID-unr1-phjn-2ycz
vulnerability_id VCID-unr1-phjn-2ycz
summary 
Improper Neutralization of Special Elements Used in a Template Engine
A template injection flaw was found in Ansible where a user's controller internal templating operations may remove the unsafe designation from template data. This issue could allow an attacker to use a specially crafted file to introduce code injection when supplying templating data.
references
0
reference_url https://access.redhat.com/errata/RHSA-2023:7773
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7773
1
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2247629
reference_id
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2247629
2
reference_url https://github.com/ansible/ansible
reference_id
reference_type
scores
url https://github.com/ansible/ansible
3
reference_url https://github.com/ansible/ansible/commit/270b39f6ff02511a2199505161218cbd1a5ae34f
reference_id
reference_type
scores
url https://github.com/ansible/ansible/commit/270b39f6ff02511a2199505161218cbd1a5ae34f
4
reference_url https://github.com/ansible/ansible/commit/7239d2d371bc6e274cbb7314e01431adce6ae25a
reference_id
reference_type
scores
url https://github.com/ansible/ansible/commit/7239d2d371bc6e274cbb7314e01431adce6ae25a
5
reference_url https://github.com/ansible/ansible/commit/fea130480d261ea5bf6fcd5cf19a348f1686ceb1
reference_id
reference_type
scores
url https://github.com/ansible/ansible/commit/fea130480d261ea5bf6fcd5cf19a348f1686ceb1
6
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X7Q6CHPVCHMZS5M7V22GOKFSXZAQ24EU
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X7Q6CHPVCHMZS5M7V22GOKFSXZAQ24EU
7
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X7Q6CHPVCHMZS5M7V22GOKFSXZAQ24EU/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X7Q6CHPVCHMZS5M7V22GOKFSXZAQ24EU/
8
reference_url https://access.redhat.com/security/cve/CVE-2023-5764
reference_id CVE-2023-5764
reference_type
scores
url https://access.redhat.com/security/cve/CVE-2023-5764
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-5764
reference_id CVE-2023-5764
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2023-5764
10
reference_url https://github.com/advisories/GHSA-7j69-qfc3-2fq9
reference_id GHSA-7j69-qfc3-2fq9
reference_type
scores
url https://github.com/advisories/GHSA-7j69-qfc3-2fq9
fixed_packages
0
url pkg:pypi/ansible-core@2.14.12
purl pkg:pypi/ansible-core@2.14.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible-core@2.14.12
1
url pkg:pypi/ansible-core@2.15.8
purl pkg:pypi/ansible-core@2.15.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-d5za-vy85-j3he
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible-core@2.15.8
2
url pkg:pypi/ansible-core@2.16.1
purl pkg:pypi/ansible-core@2.16.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-d5za-vy85-j3he
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible-core@2.16.1
aliases CVE-2023-5764, GHSA-7j69-qfc3-2fq9
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-unr1-phjn-2ycz
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:pypi/ansible-core@2.16.1