Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:pypi/ansible@4.0.0b2

Type pypi

Namespace

Name ansible

Version 4.0.0b2

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 12.0.0

Latest_non_vulnerable_version 12.2.0

Affected_by_vulnerabilities

url VCID-qbdk-hxhg-wbh4

vulnerability_id VCID-qbdk-hxhg-wbh4

summary

Ansible Community General Collection is vulnerable to exposure of sensitive information
A flaw was found in ansible-collection-community-general. This vulnerability allows for information exposure (IE) of sensitive credentials, specifically plaintext passwords, via verbose output when running Ansible with debug modes. Attackers with access to logs could retrieve these secrets and potentially compromise Keycloak accounts or administrative access.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14010.json

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14010.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-14010

reference_id

reference_type

scores

value	0.00015
scoring_system	epss
scoring_elements	0.03045
published_at	2026-04-04T12:55:00Z

value	0.00015
scoring_system	epss
scoring_elements	0.03031
published_at	2026-04-02T12:55:00Z

value	0.00018
scoring_system	epss
scoring_elements	0.04694
published_at	2026-04-12T12:55:00Z

value	0.00018
scoring_system	epss
scoring_elements	0.04644
published_at	2026-04-16T12:55:00Z

value	0.00018
scoring_system	epss
scoring_elements	0.04677
published_at	2026-04-13T12:55:00Z

value	0.00018
scoring_system	epss
scoring_elements	0.04671
published_at	2026-04-07T12:55:00Z

value	0.00018
scoring_system	epss
scoring_elements	0.04705
published_at	2026-04-08T12:55:00Z

value	0.00018
scoring_system	epss
scoring_elements	0.04717
published_at	2026-04-09T12:55:00Z

value	0.00018
scoring_system	epss
scoring_elements	0.0471
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-14010

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2418774

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-05T17:22:53Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2418774

reference_url

https://github.com/ansible-collections/community.general

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/ansible-collections/community.general

reference_url

https://github.com/ansible-collections/community.general/commit/08e56bbb9b57740a879d3057d84cdb02a162b840

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/ansible-collections/community.general/commit/08e56bbb9b57740a879d3057d84cdb02a162b840

reference_url	https://github.com/ansible-collections/community.general/commit/54af64ad363efe280b34102d2637fe272c1f7320
reference_id
reference_type
scores
url	https://github.com/ansible-collections/community.general/commit/54af64ad363efe280b34102d2637fe272c1f7320

reference_url

https://github.com/ansible-collections/community.general/issues/11000

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/ansible-collections/community.general/issues/11000

reference_url	https://github.com/ansible-collections/community.general/pull/11005
reference_id
reference_type
scores
url	https://github.com/ansible-collections/community.general/pull/11005

reference_url

https://github.com/ansible-community/ansible-build-data/blob/12.2.0/12/CHANGELOG-v12.md#security-fixes

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/ansible-community/ansible-build-data/blob/12.2.0/12/CHANGELOG-v12.md#security-fixes

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121951
reference_id	1121951
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121951

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:5
reference_id	cpe:/a:redhat:ceph_storage:5
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:5

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:6
reference_id	cpe:/a:redhat:ceph_storage:6
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:6

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:7
reference_id	cpe:/a:redhat:ceph_storage:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:8
reference_id	cpe:/a:redhat:ceph_storage:8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openstack:17.1
reference_id	cpe:/a:redhat:openstack:17.1
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openstack:17.1

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openstack:18.0
reference_id	cpe:/a:redhat:openstack:18.0
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openstack:18.0

reference_url

https://access.redhat.com/security/cve/CVE-2025-14010

reference_id

CVE-2025-14010

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-05T17:22:53Z/

url

https://access.redhat.com/security/cve/CVE-2025-14010

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2025-14010

reference_id

CVE-2025-14010

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2025-14010

reference_url

https://github.com/advisories/GHSA-8ggh-xwr9-3373

reference_id

GHSA-8ggh-xwr9-3373

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-8ggh-xwr9-3373

fixed_packages

url	pkg:pypi/ansible@12.0.0
purl	pkg:pypi/ansible@12.0.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@12.0.0

url	pkg:pypi/ansible@12.2.0
purl	pkg:pypi/ansible@12.2.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@12.2.0

aliases CVE-2025-14010, GHSA-8ggh-xwr9-3373

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qbdk-hxhg-wbh4

url VCID-ujbp-cc1r-wfe9

vulnerability_id VCID-ujbp-cc1r-wfe9

summary

Ansible symlink attack vulnerability
An absolute path traversal attack exists in the Ansible automation platform. This flaw allows an attacker to craft a malicious Ansible role and make the victim execute the role. A symlink can be used to overwrite a file outside of the extraction path.

references

reference_url

https://access.redhat.com/errata/RHSA-2023:5701

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2023:5701

reference_url

https://access.redhat.com/errata/RHSA-2023:5758

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2023:5758

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5115.json

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5115.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-5115

reference_id

reference_type

scores

value	0.00716
scoring_system	epss
scoring_elements	0.72388
published_at	2026-04-12T12:55:00Z

value	0.00716
scoring_system	epss
scoring_elements	0.72376
published_at	2026-04-13T12:55:00Z

value	0.00716
scoring_system	epss
scoring_elements	0.72417
published_at	2026-04-16T12:55:00Z

value	0.00716
scoring_system	epss
scoring_elements	0.72404
published_at	2026-04-11T12:55:00Z

value	0.00716
scoring_system	epss
scoring_elements	0.72353
published_at	2026-04-04T12:55:00Z

value	0.00716
scoring_system	epss
scoring_elements	0.72335
published_at	2026-04-02T12:55:00Z

value	0.00716
scoring_system	epss
scoring_elements	0.72381
published_at	2026-04-09T12:55:00Z

value	0.00716
scoring_system	epss
scoring_elements	0.72369
published_at	2026-04-08T12:55:00Z

value	0.00716
scoring_system	epss
scoring_elements	0.7233
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-5115

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2233810

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.redhat.com/show_bug.cgi?id=2233810

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5115
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5115

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/ansible/ansible

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/ansible/ansible

reference_url

https://github.com/ansible/ansible/commit/1e930684bc0a76ec3d094cd326738ad26416541c

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/ansible/ansible/commit/1e930684bc0a76ec3d094cd326738ad26416541c

reference_url

https://github.com/ansible-community/ansible-build-data/blob/16d36538b96c65d9e0e28d89781361b69857ac0e/8/CHANGELOG-v8.rst#L221

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/ansible-community/ansible-build-data/blob/16d36538b96c65d9e0e28d89781361b69857ac0e/8/CHANGELOG-v8.rst#L221

reference_url

https://lists.debian.org/debian-lts-announce/2023/12/msg00018.html

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2023/12/msg00018.html

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053693
reference_id	1053693
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053693

reference_url

https://access.redhat.com/security/cve/CVE-2023-5115

reference_id

CVE-2023-5115

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/security/cve/CVE-2023-5115

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2023-5115

reference_id

CVE-2023-5115

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2023-5115

reference_url

https://github.com/advisories/GHSA-jpvw-p8pr-9g2x

reference_id

GHSA-jpvw-p8pr-9g2x

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-jpvw-p8pr-9g2x

fixed_packages

url pkg:pypi/ansible@8.5.0

purl pkg:pypi/ansible@8.5.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-qbdk-hxhg-wbh4

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@8.5.0

aliases CVE-2023-5115, GHSA-jpvw-p8pr-9g2x

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ujbp-cc1r-wfe9

Fixing_vulnerabilities

Risk_score 3.1

Resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@4.0.0b2

Package Instance