{"url":"http://public2.vulnerablecode.io/api/packages/6623?format=json","purl":"pkg:pypi/ansible@2.4.4.0","type":"pypi","namespace":"","name":"ansible","version":"2.4.4.0","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"12.0.0","latest_non_vulnerable_version":"12.2.0","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6475?format=json","vulnerability_id":"VCID-4yvf-k192-9fca","summary":"A flaw was found in Ansible if an ansible user sets ANSIBLE_ASYNC_DIR to a subdirectory of a world writable directory. When this occurs, there is a race condition on the managed machine. A malicious, non-privileged account on the remote machine can exploit the race condition to access the async result data. This flaw affects Ansible Tower 3.7 and Ansible Automation Platform 1.2.","references":[{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1956477","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1956477"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://security.archlinux.org/AVG-2056","reference_id":"AVG-2056","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2056"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-3533","reference_id":"CVE-2021-3533","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-3533"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/17555?format=json","purl":"pkg:pypi/ansible@3.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@3.0.0"}],"aliases":["CVE-2021-3533","PYSEC-2021-126"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4yvf-k192-9fca"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5746?format=json","vulnerability_id":"VCID-5hwt-gkgx-jqb4","summary":"Ansible 2.5 prior to 2.5.5, and 2.4 prior to 2.4.5, do not honor the no_log task flag for failed tasks. When the no_log flag has been used to protect sensitive data passed to a task from being logged, and that task does not run successfully, Ansible will expose sensitive data in log files and on the terminal of the user running Ansible.","references":[{"reference_url":"https://access.redhat.com/errata/RHBA-2018:3788","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHBA-2018:3788"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1948","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2018:1948"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1949","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2018:1949"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2022","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2018:2022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2079","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2018:2079"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2184","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2018:2184"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2585","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2018:2585"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0054","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:0054"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10855.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10855.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-10855","reference_id":"","reference_type":"","scores":[{"value":"0.03372","scoring_system":"epss","scoring_elements":"0.87314","published_at":"2026-04-01T12:55:00Z"},{"value":"0.03372","scoring_system":"epss","scoring_elements":"0.87372","published_at":"2026-04-12T12:55:00Z"},{"value":"0.03372","scoring_system":"epss","scoring_elements":"0.87368","published_at":"2026-04-13T12:55:00Z"},{"value":"0.03372","scoring_system":"epss","scoring_elements":"0.87377","published_at":"2026-04-11T12:55:00Z"},{"value":"0.03372","scoring_system":"epss","scoring_elements":"0.87365","published_at":"2026-04-09T12:55:00Z"},{"value":"0.03372","scoring_system":"epss","scoring_elements":"0.87358","published_at":"2026-04-08T12:55:00Z"},{"value":"0.03372","scoring_system":"epss","scoring_elements":"0.8734","published_at":"2026-04-07T12:55:00Z"},{"value":"0.03372","scoring_system":"epss","scoring_elements":"0.87324","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-10855"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10855","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10855"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10855","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10855"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10875","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10875"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16837","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16837"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16876","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16876"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3828","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3828"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/advisories/GHSA-jwcc-j78w-j73w","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-jwcc-j78w-j73w"},{"reference_url":"https://github.com/ansible/ansible","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2018-42.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2018-42.yaml"},{"reference_url":"https://usn.ubuntu.com/4072-1","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://usn.ubuntu.com/4072-1"},{"reference_url":"https://usn.ubuntu.com/4072-1/","reference_id":"","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4072-1/"},{"reference_url":"https://www.debian.org/security/2019/dsa-4396","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.debian.org/security/2019/dsa-4396"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1588855","reference_id":"1588855","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1588855"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_engine:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:ansible_engine:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_engine:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_engine:2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:ansible_engine:2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_engine:2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:cloudforms:4.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:cloudforms:4.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:cloudforms:4.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:openstack:10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:openstack:12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-10855","reference_id":"CVE-2018-10855","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:N/A:N"},{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-10855"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/6624?format=json","purl":"pkg:pypi/ansible@2.4.5.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-ae1r-yq1g-rkem"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-b8zs-br97-57av"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-d4ka-dk4p-kfhb"},{"vulnerability":"VCID-d7ez-s7qb-p3ay"},{"vulnerability":"VCID-drt9-vx5r-akgm"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-ezaq-tqd3-4yd1"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-hqar-fca3-cbht"},{"vulnerability":"VCID-jnmu-c8dt-5yb6"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-kb5h-116p-33b4"},{"vulnerability":"VCID-puq1-z5h7-pkdg"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-r6bb-p28b-8fcn"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-rknj-nkgs-wyg2"},{"vulnerability":"VCID-t6db-buke-nfhf"},{"vulnerability":"VCID-tdp4-h4ht-pqhs"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-wqm7-2ajr-6ue8"},{"vulnerability":"VCID-x5e2-7whc-v3fc"},{"vulnerability":"VCID-x94k-nxyd-27gs"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-y91x-2rch-pkar"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-ykxk-6mpc-wkgt"},{"vulnerability":"VCID-yur3-am6j-w7ay"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.4.5.0"},{"url":"http://public2.vulnerablecode.io/api/packages/6630?format=json","purl":"pkg:pypi/ansible@2.5.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-ae1r-yq1g-rkem"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-b1pw-nusu-27c4"},{"vulnerability":"VCID-b8zs-br97-57av"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-d4ka-dk4p-kfhb"},{"vulnerability":"VCID-d7ez-s7qb-p3ay"},{"vulnerability":"VCID-drt9-vx5r-akgm"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-ezaq-tqd3-4yd1"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-hqar-fca3-cbht"},{"vulnerability":"VCID-jnmu-c8dt-5yb6"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-kb5h-116p-33b4"},{"vulnerability":"VCID-puq1-z5h7-pkdg"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-r6bb-p28b-8fcn"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-rknj-nkgs-wyg2"},{"vulnerability":"VCID-t6db-buke-nfhf"},{"vulnerability":"VCID-tdp4-h4ht-pqhs"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-wqm7-2ajr-6ue8"},{"vulnerability":"VCID-x5e2-7whc-v3fc"},{"vulnerability":"VCID-x94k-nxyd-27gs"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-y91x-2rch-pkar"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-ykxk-6mpc-wkgt"},{"vulnerability":"VCID-yur3-am6j-w7ay"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.5.5"}],"aliases":["CVE-2018-10855","GHSA-jwcc-j78w-j73w","PYSEC-2018-42"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5hwt-gkgx-jqb4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/20186?format=json","vulnerability_id":"VCID-682j-e2pu-1uee","summary":"Improper Neutralization of Special Elements Used in a Template Engine\nA template injection flaw was found in Ansible where a user's controller internal templating operations may remove the unsafe designation from template data. This issue could allow an attacker to use a specially crafted file to introduce code injection when supplying templating data.","references":[{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7773","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N"},{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T03:55:28Z/"}],"url":"https://access.redhat.com/errata/RHSA-2023:7773"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5764.json","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5764.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-5764","reference_id":"","reference_type":"","scores":[{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.2163","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21687","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21801","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21552","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21699","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21746","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.2166","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21603","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-5764"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2247629","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N"},{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T03:55:28Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2247629"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5764","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5764"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/ansible/ansible","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible"},{"reference_url":"https://github.com/ansible/ansible/commit/270b39f6ff02511a2199505161218cbd1a5ae34f","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/commit/270b39f6ff02511a2199505161218cbd1a5ae34f"},{"reference_url":"https://github.com/ansible/ansible/commit/7239d2d371bc6e274cbb7314e01431adce6ae25a","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/commit/7239d2d371bc6e274cbb7314e01431adce6ae25a"},{"reference_url":"https://github.com/ansible/ansible/commit/fea130480d261ea5bf6fcd5cf19a348f1686ceb1","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/commit/fea130480d261ea5bf6fcd5cf19a348f1686ceb1"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X7Q6CHPVCHMZS5M7V22GOKFSXZAQ24EU","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X7Q6CHPVCHMZS5M7V22GOKFSXZAQ24EU"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X7Q6CHPVCHMZS5M7V22GOKFSXZAQ24EU/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X7Q6CHPVCHMZS5M7V22GOKFSXZAQ24EU/"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1057427","reference_id":"1057427","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1057427"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform:2.4::el8","reference_id":"cpe:/a:redhat:ansible_automation_platform:2.4::el8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform:2.4::el8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform:2.4::el9","reference_id":"cpe:/a:redhat:ansible_automation_platform:2.4::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform:2.4::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8","reference_id":"cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9","reference_id":"cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8","reference_id":"cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9","reference_id":"cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2023-5764","reference_id":"CVE-2023-5764","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N"},{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T03:55:28Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2023-5764"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-5764","reference_id":"CVE-2023-5764","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-5764"},{"reference_url":"https://github.com/advisories/GHSA-7j69-qfc3-2fq9","reference_id":"GHSA-7j69-qfc3-2fq9","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-7j69-qfc3-2fq9"},{"reference_url":"https://usn.ubuntu.com/6846-1/","reference_id":"USN-6846-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6846-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/17553?format=json","purl":"pkg:pypi/ansible@3.0.0b1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@3.0.0b1"},{"url":"http://public2.vulnerablecode.io/api/packages/17555?format=json","purl":"pkg:pypi/ansible@3.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@3.0.0"}],"aliases":["CVE-2023-5764","GHSA-7j69-qfc3-2fq9"],"risk_score":3.2,"exploitability":"0.5","weighted_severity":"6.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-682j-e2pu-1uee"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6043?format=json","vulnerability_id":"VCID-ae1r-yq1g-rkem","summary":"A flaw was found in Ansible 2.7.17 and prior, 2.8.9 and prior, and 2.9.6 and prior when using the Extract-Zip function from the win_unzip module as the extracted file(s) are not checked if they belong to the destination folder. An attacker could take advantage of this flaw by crafting an archive anywhere in the file system, using a path traversal. This issue is fixed in 2.10.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1737.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1737.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1737","reference_id":"","reference_type":"","scores":[{"value":"0.00119","scoring_system":"epss","scoring_elements":"0.30802","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00119","scoring_system":"epss","scoring_elements":"0.30848","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00119","scoring_system":"epss","scoring_elements":"0.30983","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00119","scoring_system":"epss","scoring_elements":"0.3089","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00119","scoring_system":"epss","scoring_elements":"0.30889","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00119","scoring_system":"epss","scoring_elements":"0.30858","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00119","scoring_system":"epss","scoring_elements":"0.308","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00119","scoring_system":"epss","scoring_elements":"0.30936","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00119","scoring_system":"epss","scoring_elements":"0.30807","published_at":"2026-04-01T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1737"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1737","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1737"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1737","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1737"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/advisories/GHSA-893h-35v4-mxqx","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-893h-35v4-mxqx"},{"reference_url":"https://github.com/ansible/ansible/issues/67795","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/issues/67795"},{"reference_url":"https://github.com/ansible/ansible/pull/67799","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/pull/67799"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2020-9.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2020-9.yaml"},{"reference_url":"https://github.com/samdoran/ansible","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/samdoran/ansible"},{"reference_url":"https://github.com/samdoran/ansible/commit/1de638b4d38d6d916588e2ad48d01f90dab8c36d","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/samdoran/ansible/commit/1de638b4d38d6d916588e2ad48d01f90dab8c36d"},{"reference_url":"https://github.com/samdoran/ansible/commit/aaf549d7870b8687209a3282841b59207735b676","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/samdoran/ansible/commit/aaf549d7870b8687209a3282841b59207735b676"},{"reference_url":"https://github.com/samdoran/ansible/commit/b60aa26e2313a8d52c0e0d3fd01696e797605b72","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/samdoran/ansible/commit/b60aa26e2313a8d52c0e0d3fd01696e797605b72"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FWDK3QUVBULS3Q3PQTGEKUQYPSNOU5M3","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FWDK3QUVBULS3Q3PQTGEKUQYPSNOU5M3"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FWDK3QUVBULS3Q3PQTGEKUQYPSNOU5M3/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FWDK3QUVBULS3Q3PQTGEKUQYPSNOU5M3/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QT27K5ZRGDPCH7GT3DRI3LO4IVDVQUB7","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QT27K5ZRGDPCH7GT3DRI3LO4IVDVQUB7"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QT27K5ZRGDPCH7GT3DRI3LO4IVDVQUB7/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QT27K5ZRGDPCH7GT3DRI3LO4IVDVQUB7/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U3IMV3XEIUXL6S4KPLYYM4TVJQ2VNEP2","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U3IMV3XEIUXL6S4KPLYYM4TVJQ2VNEP2"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U3IMV3XEIUXL6S4KPLYYM4TVJQ2VNEP2/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U3IMV3XEIUXL6S4KPLYYM4TVJQ2VNEP2/"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-1737","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-1737"},{"reference_url":"https://security.gentoo.org/glsa/202006-11","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.gentoo.org/glsa/202006-11"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1802154","reference_id":"1802154","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1802154"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1541","reference_id":"RHSA-2020:1541","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1541"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1542","reference_id":"RHSA-2020:1542","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1542"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1543","reference_id":"RHSA-2020:1543","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1543"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1544","reference_id":"RHSA-2020:1544","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1544"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/7570?format=json","purl":"pkg:pypi/ansible@2.7.17","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-ezaq-tqd3-4yd1"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-jnmu-c8dt-5yb6"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-r6bb-p28b-8fcn"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-x94k-nxyd-27gs"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.7.17"},{"url":"http://public2.vulnerablecode.io/api/packages/7572?format=json","purl":"pkg:pypi/ansible@2.8.0a1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-a49n-tvnt-p3df"},{"vulnerability":"VCID-ae1r-yq1g-rkem"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-b8zs-br97-57av"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-d4ka-dk4p-kfhb"},{"vulnerability":"VCID-d7ez-s7qb-p3ay"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-ezaq-tqd3-4yd1"},{"vulnerability":"VCID-ezux-6buh-h7h7"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-h1n3-cmte-eugf"},{"vulnerability":"VCID-hqar-fca3-cbht"},{"vulnerability":"VCID-jnmu-c8dt-5yb6"},{"vulnerability":"VCID-jrxz-b168-7ug4"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-kb5h-116p-33b4"},{"vulnerability":"VCID-nukv-kkws-xkb1"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-r6bb-p28b-8fcn"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-uhg5-zpzt-e3gz"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-x5e2-7whc-v3fc"},{"vulnerability":"VCID-x94k-nxyd-27gs"},{"vulnerability":"VCID-xg2f-12w4-yqge"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-yur3-am6j-w7ay"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.0a1"},{"url":"http://public2.vulnerablecode.io/api/packages/10050?format=json","purl":"pkg:pypi/ansible@2.8.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-b8zs-br97-57av"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-d7ez-s7qb-p3ay"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-ezaq-tqd3-4yd1"},{"vulnerability":"VCID-ezux-6buh-h7h7"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-h1n3-cmte-eugf"},{"vulnerability":"VCID-hqar-fca3-cbht"},{"vulnerability":"VCID-jrxz-b168-7ug4"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-x94k-nxyd-27gs"},{"vulnerability":"VCID-xg2f-12w4-yqge"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-yur3-am6j-w7ay"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.9"},{"url":"http://public2.vulnerablecode.io/api/packages/10051?format=json","purl":"pkg:pypi/ansible@2.9.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3jej-4jyp-cqbt"},{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-b8zs-br97-57av"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-d7ez-s7qb-p3ay"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-ezaq-tqd3-4yd1"},{"vulnerability":"VCID-ezux-6buh-h7h7"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-h1n3-cmte-eugf"},{"vulnerability":"VCID-hqar-fca3-cbht"},{"vulnerability":"VCID-jrxz-b168-7ug4"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-xg2f-12w4-yqge"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-yur3-am6j-w7ay"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.6"}],"aliases":["CVE-2020-1737","GHSA-893h-35v4-mxqx","PYSEC-2020-9"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ae1r-yq1g-rkem"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/13372?format=json","vulnerability_id":"VCID-atun-stks-4kcb","summary":"Insertion of Sensitive Information into Log File\nA flaw was found in ansible module where credentials are disclosed in the console log by default and not protected by the security feature when using the bitbucket_pipeline_variable module. This flaw allows an attacker to steal bitbucket_pipeline credentials. The highest threat from this vulnerability is to confidentiality.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20180.json","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20180.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-20180","reference_id":"","reference_type":"","scores":[{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11284","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11312","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11345","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11339","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11285","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11204","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11412","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11355","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11208","published_at":"2026-04-01T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-20180"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1915808","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1915808"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20180","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20180"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/ansible/ansible","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible"},{"reference_url":"https://github.com/ansible/ansible/blob/v2.8.19/changelogs/CHANGELOG-v2.8.rst","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/blob/v2.8.19/changelogs/CHANGELOG-v2.8.rst"},{"reference_url":"https://github.com/ansible/ansible/blob/v2.9.18/changelogs/CHANGELOG-v2.9.rst","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/blob/v2.9.18/changelogs/CHANGELOG-v2.9.rst"},{"reference_url":"https://github.com/ansible/ansible/pull/73242","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/pull/73242"},{"reference_url":"https://github.com/ansible/ansible/pull/73243","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/pull/73243"},{"reference_url":"https://github.com/ansible/ansible/tree/v2.7.18/lib/ansible/modules/source_control","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/tree/v2.7.18/lib/ansible/modules/source_control"},{"reference_url":"https://github.com/ansible/ansible/tree/v2.8.0a1/lib/ansible/modules/source_control","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/tree/v2.8.0a1/lib/ansible/modules/source_control"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985753","reference_id":"985753","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985753"},{"reference_url":"https://security.archlinux.org/ASA-202102-9","reference_id":"ASA-202102-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202102-9"},{"reference_url":"https://security.archlinux.org/AVG-1437","reference_id":"AVG-1437","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1437"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-20180","reference_id":"CVE-2021-20180","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-20180"},{"reference_url":"https://github.com/advisories/GHSA-fh5v-5f35-2rv2","reference_id":"GHSA-fh5v-5f35-2rv2","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-fh5v-5f35-2rv2"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0663","reference_id":"RHSA-2021:0663","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0663"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0664","reference_id":"RHSA-2021:0664","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0664"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1079","reference_id":"RHSA-2021:1079","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1079"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2180","reference_id":"RHSA-2021:2180","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2180"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/13291?format=json","purl":"pkg:pypi/ansible@2.8.19","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-x94k-nxyd-27gs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.19"},{"url":"http://public2.vulnerablecode.io/api/packages/13310?format=json","purl":"pkg:pypi/ansible@2.9.18","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.18"}],"aliases":["CVE-2021-20180","GHSA-fh5v-5f35-2rv2"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-atun-stks-4kcb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6601?format=json","vulnerability_id":"VCID-axc3-wcsk-q3eg","summary":"A flaw was found in Ansible, where a user's controller is vulnerable to template injection. This issue can occur through facts used in the template if the user is trying to put templates in multi-line YAML strings and the facts being handled do not routinely include special template characters. This flaw allows attackers to perform command injection, which discloses sensitive information. The highest threat from this vulnerability is to confidentiality and integrity.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3583.json","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3583.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3583","reference_id":"","reference_type":"","scores":[{"value":"0.00319","scoring_system":"epss","scoring_elements":"0.5489","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00319","scoring_system":"epss","scoring_elements":"0.54913","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00319","scoring_system":"epss","scoring_elements":"0.54931","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00319","scoring_system":"epss","scoring_elements":"0.54919","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00319","scoring_system":"epss","scoring_elements":"0.54804","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00319","scoring_system":"epss","scoring_elements":"0.5487","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00319","scoring_system":"epss","scoring_elements":"0.54901","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00319","scoring_system":"epss","scoring_elements":"0.54875","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00319","scoring_system":"epss","scoring_elements":"0.5492","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3583"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1968412","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"8.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1968412"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3583","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3583"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/advisories/GHSA-2pfh-q76x-gwvm","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"8.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-2pfh-q76x-gwvm"},{"reference_url":"https://github.com/ansible/ansible","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"8.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible"},{"reference_url":"https://github.com/ansible/ansible/commit/03aff644cc1c00e1f7551195c68fbd0d13a39e6e","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"8.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/commit/03aff644cc1c00e1f7551195c68fbd0d13a39e6e"},{"reference_url":"https://github.com/ansible/ansible/commit/8aa850e3573e48c9a2f12aef84e8a3a6f5ba4847","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"8.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/commit/8aa850e3573e48c9a2f12aef84e8a3a6f5ba4847"},{"reference_url":"https://github.com/ansible/ansible/commit/8b17e5b9229ffaecfe10a4881bc3f87dd2c184e1","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"8.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/commit/8b17e5b9229ffaecfe10a4881bc3f87dd2c184e1"},{"reference_url":"https://github.com/ansible/ansible/pull/74960","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"8.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/pull/74960"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2021-358.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"8.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2021-358.yaml"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/12/msg00018.html","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"8.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2023/12/msg00018.html"},{"reference_url":"https://security.archlinux.org/AVG-2260","reference_id":"AVG-2260","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2260"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-3583","reference_id":"CVE-2021-3583","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"8.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-3583"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2663","reference_id":"RHSA-2021:2663","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2663"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2664","reference_id":"RHSA-2021:2664","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2664"},{"reference_url":"https://usn.ubuntu.com/USN-5315-1/","reference_id":"USN-USN-5315-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-5315-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/13319?format=json","purl":"pkg:pypi/ansible@2.9.23rc1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.23rc1"},{"url":"http://public2.vulnerablecode.io/api/packages/13320?format=json","purl":"pkg:pypi/ansible@2.9.23","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.23"},{"url":"http://public2.vulnerablecode.io/api/packages/74280?format=json","purl":"pkg:pypi/ansible@2.10.11rc1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.10.11rc1"},{"url":"http://public2.vulnerablecode.io/api/packages/74281?format=json","purl":"pkg:pypi/ansible@2.11.2rc1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.11.2rc1"},{"url":"http://public2.vulnerablecode.io/api/packages/17553?format=json","purl":"pkg:pypi/ansible@3.0.0b1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@3.0.0b1"}],"aliases":["CVE-2021-3583","GHSA-2pfh-q76x-gwvm","PYSEC-2021-358"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-axc3-wcsk-q3eg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6049?format=json","vulnerability_id":"VCID-b8zs-br97-57av","summary":"A flaw was found in Ansible 2.7.16 and prior, 2.8.8 and prior, and 2.9.5 and prior when a password is set with the argument \"password\" of svn module, it is used on svn command line, disclosing to other users within the same node. An attacker could take advantage by reading the cmdline file from that particular PID on the procfs.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1739.json","reference_id":"","reference_type":"","scores":[{"value":"3.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1739.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1739","reference_id":"","reference_type":"","scores":[{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13748","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13797","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13834","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13865","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13815","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.1378","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13874","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.1393","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13732","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1739"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1739","reference_id":"","reference_type":"","scores":[{"value":"3.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N"},{"value":"2.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1739"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10156","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10156"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10206","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10206"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14846","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14846"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14864","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14864"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14904","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14904"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10684","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10684"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10685","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10685"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10729","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10729"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14330","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14330"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14332","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14332"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14365","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14365"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1733","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1733"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1735","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1735"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1739","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1739"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1740","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1740"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1746","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1746"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1753","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1753"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20228","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20228"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/advisories/GHSA-923p-fr2c-g5m2","reference_id":"","reference_type":"","scores":[{"value":"3.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N"},{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"2.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-923p-fr2c-g5m2"},{"reference_url":"https://github.com/ansible/ansible","reference_id":"","reference_type":"","scores":[{"value":"3.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N"},{"value":"2.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible"},{"reference_url":"https://github.com/ansible/ansible/commit/1a89d4f059c21a818306a39ada7f5284ae125237","reference_id":"","reference_type":"","scores":[{"value":"3.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N"},{"value":"2.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/commit/1a89d4f059c21a818306a39ada7f5284ae125237"},{"reference_url":"https://github.com/ansible/ansible/commit/6c74a298702c8bb5532b9600073312e08f39680f","reference_id":"","reference_type":"","scores":[{"value":"3.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N"},{"value":"2.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/commit/6c74a298702c8bb5532b9600073312e08f39680f"},{"reference_url":"https://github.com/ansible/ansible/commit/c6c4fbf4a1fdea1e10ba94462a60c413990a16a4","reference_id":"","reference_type":"","scores":[{"value":"3.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N"},{"value":"2.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/commit/c6c4fbf4a1fdea1e10ba94462a60c413990a16a4"},{"reference_url":"https://github.com/ansible/ansible/issues/67797","reference_id":"","reference_type":"","scores":[{"value":"3.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N"},{"value":"2.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/issues/67797"},{"reference_url":"https://github.com/ansible/ansible/pull/68911","reference_id":"","reference_type":"","scores":[{"value":"3.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N"},{"value":"2.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/pull/68911"},{"reference_url":"https://github.com/ansible/ansible/pull/68912","reference_id":"","reference_type":"","scores":[{"value":"3.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N"},{"value":"2.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/pull/68912"},{"reference_url":"https://github.com/ansible/ansible/pull/68913","reference_id":"","reference_type":"","scores":[{"value":"3.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N"},{"value":"2.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/pull/68913"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2020-11.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N"},{"value":"2.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2020-11.yaml"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/05/msg00005.html","reference_id":"","reference_type":"","scores":[{"value":"3.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N"},{"value":"2.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2020/05/msg00005.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FWDK3QUVBULS3Q3PQTGEKUQYPSNOU5M3/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FWDK3QUVBULS3Q3PQTGEKUQYPSNOU5M3/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QT27K5ZRGDPCH7GT3DRI3LO4IVDVQUB7/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QT27K5ZRGDPCH7GT3DRI3LO4IVDVQUB7/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U3IMV3XEIUXL6S4KPLYYM4TVJQ2VNEP2/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U3IMV3XEIUXL6S4KPLYYM4TVJQ2VNEP2/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FWDK3QUVBULS3Q3PQTGEKUQYPSNOU5M3","reference_id":"","reference_type":"","scores":[{"value":"3.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N"},{"value":"2.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FWDK3QUVBULS3Q3PQTGEKUQYPSNOU5M3"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FWDK3QUVBULS3Q3PQTGEKUQYPSNOU5M3/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FWDK3QUVBULS3Q3PQTGEKUQYPSNOU5M3/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QT27K5ZRGDPCH7GT3DRI3LO4IVDVQUB7","reference_id":"","reference_type":"","scores":[{"value":"3.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N"},{"value":"2.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QT27K5ZRGDPCH7GT3DRI3LO4IVDVQUB7"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QT27K5ZRGDPCH7GT3DRI3LO4IVDVQUB7/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QT27K5ZRGDPCH7GT3DRI3LO4IVDVQUB7/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U3IMV3XEIUXL6S4KPLYYM4TVJQ2VNEP2","reference_id":"","reference_type":"","scores":[{"value":"3.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N"},{"value":"2.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U3IMV3XEIUXL6S4KPLYYM4TVJQ2VNEP2"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U3IMV3XEIUXL6S4KPLYYM4TVJQ2VNEP2/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U3IMV3XEIUXL6S4KPLYYM4TVJQ2VNEP2/"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-1739","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:N/C:P/I:P/A:N"},{"value":"3.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N"},{"value":"2.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-1739"},{"reference_url":"https://www.debian.org/security/2021/dsa-4950","reference_id":"","reference_type":"","scores":[{"value":"3.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N"},{"value":"2.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.debian.org/security/2021/dsa-4950"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1802178","reference_id":"1802178","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1802178"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:ansible:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_tower:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:ansible_tower:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_tower:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:cloudforms_management_engine:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:cloudforms_management_engine:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:cloudforms_management_engine:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1541","reference_id":"RHSA-2020:1541","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1541"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1542","reference_id":"RHSA-2020:1542","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1542"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1543","reference_id":"RHSA-2020:1543","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1543"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1544","reference_id":"RHSA-2020:1544","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1544"},{"reference_url":"https://usn.ubuntu.com/7330-1/","reference_id":"USN-7330-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7330-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/7570?format=json","purl":"pkg:pypi/ansible@2.7.17","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-ezaq-tqd3-4yd1"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-jnmu-c8dt-5yb6"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-r6bb-p28b-8fcn"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-x94k-nxyd-27gs"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.7.17"},{"url":"http://public2.vulnerablecode.io/api/packages/7572?format=json","purl":"pkg:pypi/ansible@2.8.0a1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-a49n-tvnt-p3df"},{"vulnerability":"VCID-ae1r-yq1g-rkem"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-b8zs-br97-57av"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-d4ka-dk4p-kfhb"},{"vulnerability":"VCID-d7ez-s7qb-p3ay"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-ezaq-tqd3-4yd1"},{"vulnerability":"VCID-ezux-6buh-h7h7"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-h1n3-cmte-eugf"},{"vulnerability":"VCID-hqar-fca3-cbht"},{"vulnerability":"VCID-jnmu-c8dt-5yb6"},{"vulnerability":"VCID-jrxz-b168-7ug4"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-kb5h-116p-33b4"},{"vulnerability":"VCID-nukv-kkws-xkb1"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-r6bb-p28b-8fcn"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-uhg5-zpzt-e3gz"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-x5e2-7whc-v3fc"},{"vulnerability":"VCID-x94k-nxyd-27gs"},{"vulnerability":"VCID-xg2f-12w4-yqge"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-yur3-am6j-w7ay"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.0a1"},{"url":"http://public2.vulnerablecode.io/api/packages/10050?format=json","purl":"pkg:pypi/ansible@2.8.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-b8zs-br97-57av"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-d7ez-s7qb-p3ay"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-ezaq-tqd3-4yd1"},{"vulnerability":"VCID-ezux-6buh-h7h7"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-h1n3-cmte-eugf"},{"vulnerability":"VCID-hqar-fca3-cbht"},{"vulnerability":"VCID-jrxz-b168-7ug4"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-x94k-nxyd-27gs"},{"vulnerability":"VCID-xg2f-12w4-yqge"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-yur3-am6j-w7ay"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.9"},{"url":"http://public2.vulnerablecode.io/api/packages/10145?format=json","purl":"pkg:pypi/ansible@2.8.11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-ezaq-tqd3-4yd1"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-jrxz-b168-7ug4"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-x94k-nxyd-27gs"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.11"},{"url":"http://public2.vulnerablecode.io/api/packages/10051?format=json","purl":"pkg:pypi/ansible@2.9.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3jej-4jyp-cqbt"},{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-b8zs-br97-57av"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-d7ez-s7qb-p3ay"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-ezaq-tqd3-4yd1"},{"vulnerability":"VCID-ezux-6buh-h7h7"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-h1n3-cmte-eugf"},{"vulnerability":"VCID-hqar-fca3-cbht"},{"vulnerability":"VCID-jrxz-b168-7ug4"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-xg2f-12w4-yqge"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-yur3-am6j-w7ay"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.6"},{"url":"http://public2.vulnerablecode.io/api/packages/10146?format=json","purl":"pkg:pypi/ansible@2.9.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-jrxz-b168-7ug4"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.7"}],"aliases":["CVE-2020-1739","GHSA-923p-fr2c-g5m2","PYSEC-2020-11"],"risk_score":1.8,"exploitability":"0.5","weighted_severity":"3.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b8zs-br97-57av"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6056?format=json","vulnerability_id":"VCID-c1xg-s3kx-gkft","summary":"A flaw was found in Ansible Engine when a file is moved using atomic_move primitive as the file mode cannot be specified. This sets the destination files world-readable if the destination file does not exist and if the file exists, the file could be changed to have less restrictive permissions before the move. This could lead to the disclosure of sensitive data. All versions in 2.7.x, 2.8.x and 2.9.x branches are believed to be vulnerable.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1736.json","reference_id":"","reference_type":"","scores":[{"value":"2.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1736.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1736","reference_id":"","reference_type":"","scores":[{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12221","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12184","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12383","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12337","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13875","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13918","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13791","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13866","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13839","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1736"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1736","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1736"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1736","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1736"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/advisories/GHSA-x7jh-595q-wq82","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-x7jh-595q-wq82"},{"reference_url":"https://github.com/ansible/ansible","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible"},{"reference_url":"https://github.com/ansible/ansible/issues/67794","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/issues/67794"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2020-8.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2020-8.yaml"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2NYYQP2XJB2TTRP6AKWVMBSPB2DFJNKD/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2NYYQP2XJB2TTRP6AKWVMBSPB2DFJNKD/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BPNZWBAUP4ZHUR6PO7U6ZXEKNCX62KZ7/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BPNZWBAUP4ZHUR6PO7U6ZXEKNCX62KZ7/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2NYYQP2XJB2TTRP6AKWVMBSPB2DFJNKD","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2NYYQP2XJB2TTRP6AKWVMBSPB2DFJNKD"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2NYYQP2XJB2TTRP6AKWVMBSPB2DFJNKD/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2NYYQP2XJB2TTRP6AKWVMBSPB2DFJNKD/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BPNZWBAUP4ZHUR6PO7U6ZXEKNCX62KZ7","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BPNZWBAUP4ZHUR6PO7U6ZXEKNCX62KZ7"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BPNZWBAUP4ZHUR6PO7U6ZXEKNCX62KZ7/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BPNZWBAUP4ZHUR6PO7U6ZXEKNCX62KZ7/"},{"reference_url":"https://security.gentoo.org/glsa/202006-11","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.gentoo.org/glsa/202006-11"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1802124","reference_id":"1802124","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1802124"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=966663","reference_id":"966663","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=966663"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:ansible:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_tower:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:ansible_tower:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_tower:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:cloudforms_management_engine:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:cloudforms_management_engine:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:cloudforms_management_engine:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-1736","reference_id":"CVE-2020-1736","reference_type":"","scores":[{"value":"2.1","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:N/C:P/I:N/A:N"},{"value":"2.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N"},{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-1736"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3600","reference_id":"RHSA-2020:3600","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3600"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/7570?format=json","purl":"pkg:pypi/ansible@2.7.17","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-ezaq-tqd3-4yd1"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-jnmu-c8dt-5yb6"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-r6bb-p28b-8fcn"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-x94k-nxyd-27gs"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.7.17"},{"url":"http://public2.vulnerablecode.io/api/packages/10050?format=json","purl":"pkg:pypi/ansible@2.8.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-b8zs-br97-57av"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-d7ez-s7qb-p3ay"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-ezaq-tqd3-4yd1"},{"vulnerability":"VCID-ezux-6buh-h7h7"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-h1n3-cmte-eugf"},{"vulnerability":"VCID-hqar-fca3-cbht"},{"vulnerability":"VCID-jrxz-b168-7ug4"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-x94k-nxyd-27gs"},{"vulnerability":"VCID-xg2f-12w4-yqge"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-yur3-am6j-w7ay"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.9"},{"url":"http://public2.vulnerablecode.io/api/packages/10051?format=json","purl":"pkg:pypi/ansible@2.9.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3jej-4jyp-cqbt"},{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-b8zs-br97-57av"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-d7ez-s7qb-p3ay"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-ezaq-tqd3-4yd1"},{"vulnerability":"VCID-ezux-6buh-h7h7"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-h1n3-cmte-eugf"},{"vulnerability":"VCID-hqar-fca3-cbht"},{"vulnerability":"VCID-jrxz-b168-7ug4"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-xg2f-12w4-yqge"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-yur3-am6j-w7ay"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.6"},{"url":"http://public2.vulnerablecode.io/api/packages/13575?format=json","purl":"pkg:pypi/ansible@2.10.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2jy6-eqpn-wbce"},{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.10.1"}],"aliases":["CVE-2020-1736","GHSA-x7jh-595q-wq82","PYSEC-2020-8"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-c1xg-s3kx-gkft"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6131?format=json","vulnerability_id":"VCID-d4ka-dk4p-kfhb","summary":"A flaw was found in the solaris_zone module from the Ansible Community modules. When setting the name for the zone on the Solaris host, the zone name is checked by listing the process with the 'ps' bare command on the remote machine. An attacker could take advantage of this flaw by crafting the name of the zone and executing arbitrary commands in the remote host. Ansible Engine 2.7.15, 2.8.7, and 2.9.2 as well as previous versions are affected.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14904.json","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14904.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14904","reference_id":"","reference_type":"","scores":[{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.1244","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12481","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.1252","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12549","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12498","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12417","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12609","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12567","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12463","published_at":"2026-04-01T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14904"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1776944","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:L"},{"value":"8.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:L/VA:L/SC:H/SI:L/SA:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1776944"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10156","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10156"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10206","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10206"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14846","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14846"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14864","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14864"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14904","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14904"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10684","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10684"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10685","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10685"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10729","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10729"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14330","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14330"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14332","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14332"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14365","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14365"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1733","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1733"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1735","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1735"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1739","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1739"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1740","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1740"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1746","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1746"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1753","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1753"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20228","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20228"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/advisories/GHSA-gwr8-5j83-483c","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:L"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"8.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:L/VA:L/SC:H/SI:L/SA:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-gwr8-5j83-483c"},{"reference_url":"https://github.com/ansible/ansible","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:L"},{"value":"8.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:L/VA:L/SC:H/SI:L/SA:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible"},{"reference_url":"https://github.com/ansible/ansible/commit/589a415f887b6f2bb65cd07fe6b2e9d0a8156b69","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:L"},{"value":"8.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:L/VA:L/SC:H/SI:L/SA:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/commit/589a415f887b6f2bb65cd07fe6b2e9d0a8156b69"},{"reference_url":"https://github.com/ansible/ansible/commit/6a86650109b8654f5898369e45d3857624edf907","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:L"},{"value":"8.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:L/VA:L/SC:H/SI:L/SA:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/commit/6a86650109b8654f5898369e45d3857624edf907"},{"reference_url":"https://github.com/ansible/ansible/commit/a1b0f72c98b4b2afaab8aafa255e82c2075049c8","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:L"},{"value":"8.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:L/VA:L/SC:H/SI:L/SA:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/commit/a1b0f72c98b4b2afaab8aafa255e82c2075049c8"},{"reference_url":"https://github.com/ansible/ansible/pull/65686","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:L"},{"value":"8.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:L/VA:L/SC:H/SI:L/SA:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/pull/65686"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2020-161.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:L"},{"value":"8.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:L/VA:L/SC:H/SI:L/SA:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2020-161.yaml"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2021/01/msg00023.html","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:L"},{"value":"8.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:L/VA:L/SC:H/SI:L/SA:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2021/01/msg00023.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-14904","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:L"},{"value":"8.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:L/VA:L/SC:H/SI:L/SA:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-14904"},{"reference_url":"https://www.debian.org/security/2021/dsa-4950","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:L"},{"value":"8.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:L/VA:L/SC:H/SI:L/SA:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.debian.org/security/2021/dsa-4950"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0215","reference_id":"RHSA-2020:0215","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:0215"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0217","reference_id":"RHSA-2020:0217","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:0217"},{"reference_url":"https://usn.ubuntu.com/7330-1/","reference_id":"USN-7330-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7330-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/7568?format=json","purl":"pkg:pypi/ansible@2.7.15","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-a49n-tvnt-p3df"},{"vulnerability":"VCID-ae1r-yq1g-rkem"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-b8zs-br97-57av"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-d4ka-dk4p-kfhb"},{"vulnerability":"VCID-d7ez-s7qb-p3ay"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-ezaq-tqd3-4yd1"},{"vulnerability":"VCID-ezux-6buh-h7h7"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-h1n3-cmte-eugf"},{"vulnerability":"VCID-hqar-fca3-cbht"},{"vulnerability":"VCID-jnmu-c8dt-5yb6"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-r6bb-p28b-8fcn"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-uhg5-zpzt-e3gz"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-x94k-nxyd-27gs"},{"vulnerability":"VCID-xg2f-12w4-yqge"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-yur3-am6j-w7ay"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.7.15"},{"url":"http://public2.vulnerablecode.io/api/packages/7569?format=json","purl":"pkg:pypi/ansible@2.7.16","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-ae1r-yq1g-rkem"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-b8zs-br97-57av"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-d7ez-s7qb-p3ay"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-ezaq-tqd3-4yd1"},{"vulnerability":"VCID-ezux-6buh-h7h7"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-h1n3-cmte-eugf"},{"vulnerability":"VCID-hqar-fca3-cbht"},{"vulnerability":"VCID-jnmu-c8dt-5yb6"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-r6bb-p28b-8fcn"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-x94k-nxyd-27gs"},{"vulnerability":"VCID-xg2f-12w4-yqge"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-yur3-am6j-w7ay"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.7.16"},{"url":"http://public2.vulnerablecode.io/api/packages/9832?format=json","purl":"pkg:pypi/ansible@2.8.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-a49n-tvnt-p3df"},{"vulnerability":"VCID-ae1r-yq1g-rkem"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-b8zs-br97-57av"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-d4ka-dk4p-kfhb"},{"vulnerability":"VCID-d7ez-s7qb-p3ay"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-ezaq-tqd3-4yd1"},{"vulnerability":"VCID-ezux-6buh-h7h7"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-h1n3-cmte-eugf"},{"vulnerability":"VCID-hqar-fca3-cbht"},{"vulnerability":"VCID-jrxz-b168-7ug4"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-uhg5-zpzt-e3gz"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-x94k-nxyd-27gs"},{"vulnerability":"VCID-xg2f-12w4-yqge"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-yur3-am6j-w7ay"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.7"},{"url":"http://public2.vulnerablecode.io/api/packages/10045?format=json","purl":"pkg:pypi/ansible@2.8.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-ae1r-yq1g-rkem"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-b8zs-br97-57av"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-d7ez-s7qb-p3ay"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-ezaq-tqd3-4yd1"},{"vulnerability":"VCID-ezux-6buh-h7h7"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-h1n3-cmte-eugf"},{"vulnerability":"VCID-hqar-fca3-cbht"},{"vulnerability":"VCID-jrxz-b168-7ug4"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-x94k-nxyd-27gs"},{"vulnerability":"VCID-xg2f-12w4-yqge"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-yur3-am6j-w7ay"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.8"},{"url":"http://public2.vulnerablecode.io/api/packages/10046?format=json","purl":"pkg:pypi/ansible@2.9.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3jej-4jyp-cqbt"},{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-a49n-tvnt-p3df"},{"vulnerability":"VCID-ae1r-yq1g-rkem"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-b8zs-br97-57av"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-d4ka-dk4p-kfhb"},{"vulnerability":"VCID-d7ez-s7qb-p3ay"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-ezaq-tqd3-4yd1"},{"vulnerability":"VCID-ezux-6buh-h7h7"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-h1n3-cmte-eugf"},{"vulnerability":"VCID-hqar-fca3-cbht"},{"vulnerability":"VCID-jrxz-b168-7ug4"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-x94k-nxyd-27gs"},{"vulnerability":"VCID-xg2f-12w4-yqge"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-yur3-am6j-w7ay"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.2"},{"url":"http://public2.vulnerablecode.io/api/packages/10047?format=json","purl":"pkg:pypi/ansible@2.9.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3jej-4jyp-cqbt"},{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-ae1r-yq1g-rkem"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-b8zs-br97-57av"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-d7ez-s7qb-p3ay"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-ezaq-tqd3-4yd1"},{"vulnerability":"VCID-ezux-6buh-h7h7"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-h1n3-cmte-eugf"},{"vulnerability":"VCID-hqar-fca3-cbht"},{"vulnerability":"VCID-jrxz-b168-7ug4"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-x94k-nxyd-27gs"},{"vulnerability":"VCID-xg2f-12w4-yqge"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-yur3-am6j-w7ay"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.3"}],"aliases":["CVE-2019-14904","GHSA-gwr8-5j83-483c","PYSEC-2020-161"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-d4ka-dk4p-kfhb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6055?format=json","vulnerability_id":"VCID-d7ez-s7qb-p3ay","summary":"A flaw was found in Ansible Engine when the module package or service is used and the parameter 'use' is not specified. If a previous task is executed with a malicious user, the module sent can be selected by the attacker using the ansible facts file. All versions in 2.7.x, 2.8.x and 2.9.x branches are believed to be vulnerable.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1738.json","reference_id":"","reference_type":"","scores":[{"value":"3.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1738.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1738","reference_id":"","reference_type":"","scores":[{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.33988","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.34012","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.34055","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.34056","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.34025","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.33983","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.34123","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.34092","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.33754","published_at":"2026-04-01T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1738"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1738","reference_id":"","reference_type":"","scores":[{"value":"3.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L"},{"value":"1.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:N/VI:N/VA:N/SC:N/SI:L/SA:L"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1738"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1738","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1738"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/advisories/GHSA-f85h-23mf-2fwh","reference_id":"","reference_type":"","scores":[{"value":"3.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L"},{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"1.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:N/VI:N/VA:N/SC:N/SI:L/SA:L"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-f85h-23mf-2fwh"},{"reference_url":"https://github.com/ansible/ansible","reference_id":"","reference_type":"","scores":[{"value":"3.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L"},{"value":"1.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:N/VI:N/VA:N/SC:N/SI:L/SA:L"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible"},{"reference_url":"https://github.com/ansible/ansible/issues/67796","reference_id":"","reference_type":"","scores":[{"value":"3.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L"},{"value":"1.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:N/VI:N/VA:N/SC:N/SI:L/SA:L"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/issues/67796"},{"reference_url":"https://github.com/ansible/ansible/pull/67808","reference_id":"","reference_type":"","scores":[{"value":"3.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L"},{"value":"1.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:N/VI:N/VA:N/SC:N/SI:L/SA:L"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/pull/67808"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2020-10.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L"},{"value":"1.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:N/VI:N/VA:N/SC:N/SI:L/SA:L"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2020-10.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-1738","reference_id":"","reference_type":"","scores":[{"value":"2.6","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:H/Au:N/C:N/I:P/A:P"},{"value":"3.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L"},{"value":"1.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:N/VI:N/VA:N/SC:N/SI:L/SA:L"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-1738"},{"reference_url":"https://security.gentoo.org/glsa/202006-11","reference_id":"","reference_type":"","scores":[{"value":"3.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L"},{"value":"1.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:N/VI:N/VA:N/SC:N/SI:L/SA:L"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.gentoo.org/glsa/202006-11"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1802164","reference_id":"1802164","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1802164"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:ansible:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_tower:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:ansible_tower:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_tower:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:cloudforms_management_engine:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:cloudforms_management_engine:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:cloudforms_management_engine:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/7570?format=json","purl":"pkg:pypi/ansible@2.7.17","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-ezaq-tqd3-4yd1"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-jnmu-c8dt-5yb6"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-r6bb-p28b-8fcn"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-x94k-nxyd-27gs"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.7.17"},{"url":"http://public2.vulnerablecode.io/api/packages/7572?format=json","purl":"pkg:pypi/ansible@2.8.0a1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-a49n-tvnt-p3df"},{"vulnerability":"VCID-ae1r-yq1g-rkem"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-b8zs-br97-57av"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-d4ka-dk4p-kfhb"},{"vulnerability":"VCID-d7ez-s7qb-p3ay"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-ezaq-tqd3-4yd1"},{"vulnerability":"VCID-ezux-6buh-h7h7"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-h1n3-cmte-eugf"},{"vulnerability":"VCID-hqar-fca3-cbht"},{"vulnerability":"VCID-jnmu-c8dt-5yb6"},{"vulnerability":"VCID-jrxz-b168-7ug4"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-kb5h-116p-33b4"},{"vulnerability":"VCID-nukv-kkws-xkb1"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-r6bb-p28b-8fcn"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-uhg5-zpzt-e3gz"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-x5e2-7whc-v3fc"},{"vulnerability":"VCID-x94k-nxyd-27gs"},{"vulnerability":"VCID-xg2f-12w4-yqge"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-yur3-am6j-w7ay"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.0a1"},{"url":"http://public2.vulnerablecode.io/api/packages/10050?format=json","purl":"pkg:pypi/ansible@2.8.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-b8zs-br97-57av"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-d7ez-s7qb-p3ay"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-ezaq-tqd3-4yd1"},{"vulnerability":"VCID-ezux-6buh-h7h7"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-h1n3-cmte-eugf"},{"vulnerability":"VCID-hqar-fca3-cbht"},{"vulnerability":"VCID-jrxz-b168-7ug4"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-x94k-nxyd-27gs"},{"vulnerability":"VCID-xg2f-12w4-yqge"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-yur3-am6j-w7ay"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.9"},{"url":"http://public2.vulnerablecode.io/api/packages/10145?format=json","purl":"pkg:pypi/ansible@2.8.11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-ezaq-tqd3-4yd1"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-jrxz-b168-7ug4"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-x94k-nxyd-27gs"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.11"},{"url":"http://public2.vulnerablecode.io/api/packages/10051?format=json","purl":"pkg:pypi/ansible@2.9.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3jej-4jyp-cqbt"},{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-b8zs-br97-57av"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-d7ez-s7qb-p3ay"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-ezaq-tqd3-4yd1"},{"vulnerability":"VCID-ezux-6buh-h7h7"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-h1n3-cmte-eugf"},{"vulnerability":"VCID-hqar-fca3-cbht"},{"vulnerability":"VCID-jrxz-b168-7ug4"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-xg2f-12w4-yqge"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-yur3-am6j-w7ay"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.6"},{"url":"http://public2.vulnerablecode.io/api/packages/10146?format=json","purl":"pkg:pypi/ansible@2.9.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-jrxz-b168-7ug4"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.7"}],"aliases":["CVE-2020-1738","GHSA-f85h-23mf-2fwh","PYSEC-2020-10"],"risk_score":1.8,"exploitability":"0.5","weighted_severity":"3.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-d7ez-s7qb-p3ay"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5860?format=json","vulnerability_id":"VCID-drt9-vx5r-akgm","summary":"Ansible fetch module before versions 2.5.15, 2.6.14, 2.7.8 has a path traversal vulnerability which allows copying and overwriting files outside of the specified destination in the local ansible controller host, by not restricting an absolute path.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00021.html","reference_id":"","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"2.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00021.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00077.html","reference_id":"","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"2.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00077.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00020.html","reference_id":"","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"2.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00020.html"},{"reference_url":"http://packetstormsecurity.com/files/172837/Ansible-Fetch-Path-Traversal.html","reference_id":"","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"2.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://packetstormsecurity.com/files/172837/Ansible-Fetch-Path-Traversal.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3744","reference_id":"","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"2.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:3744"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3789","reference_id":"","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"2.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:3789"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3828.json","reference_id":"","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3828.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-3828","reference_id":"","reference_type":"","scores":[{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08479","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08511","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08518","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08499","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08426","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08508","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08454","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08411","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08494","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-3828"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3828","reference_id":"","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"2.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3828"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10855","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10855"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10875","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10875"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16837","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16837"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16876","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16876"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3828","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3828"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/advisories/GHSA-74vq-h4q8-x6jv","reference_id":"","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"2.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-74vq-h4q8-x6jv"},{"reference_url":"https://github.com/ansible/ansible","reference_id":"","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"2.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible"},{"reference_url":"https://github.com/ansible/ansible/commit/396a2f74717477d80600450e2b7e45349d7b5110","reference_id":"","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"2.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/commit/396a2f74717477d80600450e2b7e45349d7b5110"},{"reference_url":"https://github.com/ansible/ansible/commit/4be3215d2f9f84ca283895879f0c6ce1ed7dd333","reference_id":"","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"2.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/commit/4be3215d2f9f84ca283895879f0c6ce1ed7dd333"},{"reference_url":"https://github.com/ansible/ansible/commit/f3edc091523fbe301926b7a0db25fbbd96940d93","reference_id":"","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"2.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/commit/f3edc091523fbe301926b7a0db25fbbd96940d93"},{"reference_url":"https://github.com/ansible/ansible/pull/52133","reference_id":"","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"2.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/pull/52133"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2019-5.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"2.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2019-5.yaml"},{"reference_url":"https://usn.ubuntu.com/4072-1","reference_id":"","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"2.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://usn.ubuntu.com/4072-1"},{"reference_url":"https://usn.ubuntu.com/4072-1/","reference_id":"","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4072-1/"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1676689","reference_id":"1676689","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1676689"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922537","reference_id":"922537","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922537"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:ansible:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-3828","reference_id":"CVE-2019-3828","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:N/C:P/I:P/A:N"},{"value":"4.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"4.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"2.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-3828"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0430","reference_id":"RHSA-2019:0430","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:0430"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0431","reference_id":"RHSA-2019:0431","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:0431"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0432","reference_id":"RHSA-2019:0432","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:0432"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0433","reference_id":"RHSA-2019:0433","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:0433"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/8228?format=json","purl":"pkg:pypi/ansible@2.5.15","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-ae1r-yq1g-rkem"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-b8zs-br97-57av"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-d4ka-dk4p-kfhb"},{"vulnerability":"VCID-d7ez-s7qb-p3ay"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-ezaq-tqd3-4yd1"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-hqar-fca3-cbht"},{"vulnerability":"VCID-jnmu-c8dt-5yb6"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-kb5h-116p-33b4"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-t6db-buke-nfhf"},{"vulnerability":"VCID-tdp4-h4ht-pqhs"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-x5e2-7whc-v3fc"},{"vulnerability":"VCID-x94k-nxyd-27gs"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-ykxk-6mpc-wkgt"},{"vulnerability":"VCID-yur3-am6j-w7ay"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.5.15"},{"url":"http://public2.vulnerablecode.io/api/packages/8229?format=json","purl":"pkg:pypi/ansible@2.6.14","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-ae1r-yq1g-rkem"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-b8zs-br97-57av"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-ckt2-us5z-pyef"},{"vulnerability":"VCID-d4ka-dk4p-kfhb"},{"vulnerability":"VCID-d7ez-s7qb-p3ay"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-ezaq-tqd3-4yd1"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-hqar-fca3-cbht"},{"vulnerability":"VCID-jnmu-c8dt-5yb6"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-kb5h-116p-33b4"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-swpr-3qae-d7fe"},{"vulnerability":"VCID-t6db-buke-nfhf"},{"vulnerability":"VCID-tdp4-h4ht-pqhs"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-x5e2-7whc-v3fc"},{"vulnerability":"VCID-x94k-nxyd-27gs"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-ykxk-6mpc-wkgt"},{"vulnerability":"VCID-yur3-am6j-w7ay"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.6.14"},{"url":"http://public2.vulnerablecode.io/api/packages/7561?format=json","purl":"pkg:pypi/ansible@2.7.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-a49n-tvnt-p3df"},{"vulnerability":"VCID-ae1r-yq1g-rkem"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-b8zs-br97-57av"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-ckt2-us5z-pyef"},{"vulnerability":"VCID-d4ka-dk4p-kfhb"},{"vulnerability":"VCID-d7ez-s7qb-p3ay"},{"vulnerability":"VCID-dagf-buer-4ffr"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-ezaq-tqd3-4yd1"},{"vulnerability":"VCID-ezux-6buh-h7h7"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-h1n3-cmte-eugf"},{"vulnerability":"VCID-hqar-fca3-cbht"},{"vulnerability":"VCID-jnmu-c8dt-5yb6"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-kb5h-116p-33b4"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-r6bb-p28b-8fcn"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-swpr-3qae-d7fe"},{"vulnerability":"VCID-t6db-buke-nfhf"},{"vulnerability":"VCID-tdp4-h4ht-pqhs"},{"vulnerability":"VCID-uhg5-zpzt-e3gz"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-x5e2-7whc-v3fc"},{"vulnerability":"VCID-x94k-nxyd-27gs"},{"vulnerability":"VCID-xg2f-12w4-yqge"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-ykxk-6mpc-wkgt"},{"vulnerability":"VCID-yur3-am6j-w7ay"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.7.8"}],"aliases":["CVE-2019-3828","GHSA-74vq-h4q8-x6jv","PYSEC-2019-5"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-drt9-vx5r-akgm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6324?format=json","vulnerability_id":"VCID-e3z2-ydhb-gqfg","summary":"A flaw was found in the Ansible Engine 2.9.18, where sensitive info is not masked by default and is not protected by the no_log feature when using the sub-option feature of the basic.py module. This flaw allows an attacker to obtain sensitive information. The highest threat from this vulnerability is to confidentiality.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20228.json","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20228.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-20228","reference_id":"","reference_type":"","scores":[{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.35396","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.3542","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.35463","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.35454","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.35429","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.35383","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.355","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.35276","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.35475","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-20228"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1925002","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1925002"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10156","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10156"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10206","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10206"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14846","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14846"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14864","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14864"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14904","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14904"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10684","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10684"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10685","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10685"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10729","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10729"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14330","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14330"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14332","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14332"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14365","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14365"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1733","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1733"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1735","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1735"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1739","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1739"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1740","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1740"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1746","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1746"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1753","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1753"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20228","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20228"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/advisories/GHSA-5rrg-rr89-x9mv","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-5rrg-rr89-x9mv"},{"reference_url":"https://github.com/ansible/ansible","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible"},{"reference_url":"https://github.com/ansible/ansible/commit/49ebd509df9de1c1fc1bcee00e79a835dd00662c","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/commit/49ebd509df9de1c1fc1bcee00e79a835dd00662c"},{"reference_url":"https://github.com/ansible/ansible/commit/e41d1f0a3fd6c466192e7e24accd3d1c6501111b","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/commit/e41d1f0a3fd6c466192e7e24accd3d1c6501111b"},{"reference_url":"https://github.com/ansible/ansible/commit/f8ff395d817c3eddc050f809919c15dfb5796120","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/commit/f8ff395d817c3eddc050f809919c15dfb5796120"},{"reference_url":"https://github.com/ansible/ansible/pull/73487","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/pull/73487"},{"reference_url":"https://github.com/ansible/ansible/pull/73492","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/pull/73492"},{"reference_url":"https://github.com/ansible/ansible/pull/73493","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/pull/73493"},{"reference_url":"https://github.com/ansible/ansible/pull/73494","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/pull/73494"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2021-1.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2021-1.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-20228","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-20228"},{"reference_url":"https://www.debian.org/security/2021/dsa-4950","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.debian.org/security/2021/dsa-4950"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0663","reference_id":"RHSA-2021:0663","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0663"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0664","reference_id":"RHSA-2021:0664","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0664"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1079","reference_id":"RHSA-2021:1079","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1079"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2180","reference_id":"RHSA-2021:2180","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2180"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/13290?format=json","purl":"pkg:pypi/ansible@2.8.19rc1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-x94k-nxyd-27gs"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.19rc1"},{"url":"http://public2.vulnerablecode.io/api/packages/9833?format=json","purl":"pkg:pypi/ansible@2.9.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3jej-4jyp-cqbt"},{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-a49n-tvnt-p3df"},{"vulnerability":"VCID-ae1r-yq1g-rkem"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-b8zs-br97-57av"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-d4ka-dk4p-kfhb"},{"vulnerability":"VCID-d7ez-s7qb-p3ay"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-ezaq-tqd3-4yd1"},{"vulnerability":"VCID-ezux-6buh-h7h7"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-h1n3-cmte-eugf"},{"vulnerability":"VCID-hqar-fca3-cbht"},{"vulnerability":"VCID-jrxz-b168-7ug4"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-tdp4-h4ht-pqhs"},{"vulnerability":"VCID-uhg5-zpzt-e3gz"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-x94k-nxyd-27gs"},{"vulnerability":"VCID-xg2f-12w4-yqge"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-yur3-am6j-w7ay"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.1"},{"url":"http://public2.vulnerablecode.io/api/packages/13309?format=json","purl":"pkg:pypi/ansible@2.9.18rc1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.18rc1"},{"url":"http://public2.vulnerablecode.io/api/packages/13311?format=json","purl":"pkg:pypi/ansible@2.9.19rc1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.19rc1"},{"url":"http://public2.vulnerablecode.io/api/packages/13312?format=json","purl":"pkg:pypi/ansible@2.9.19","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.19"},{"url":"http://public2.vulnerablecode.io/api/packages/82205?format=json","purl":"pkg:pypi/ansible@2.10.6rc1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.10.6rc1"},{"url":"http://public2.vulnerablecode.io/api/packages/17134?format=json","purl":"pkg:pypi/ansible@2.10.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.10.6"}],"aliases":["CVE-2021-20228","GHSA-5rrg-rr89-x9mv","PYSEC-2021-1"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e3z2-ydhb-gqfg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6053?format=json","vulnerability_id":"VCID-ezaq-tqd3-4yd1","summary":"A security flaw was found in Ansible Engine, all Ansible 2.7.x versions prior to 2.7.17, all Ansible 2.8.x versions prior to 2.8.11 and all Ansible 2.9.x versions prior to 2.9.7, when managing kubernetes using the k8s module. Sensitive parameters such as passwords and tokens are passed to kubectl from the command line, not using an environment variable or an input configuration file. This will disclose passwords and tokens from process list and no_log directive from debug module would not have any effect making these secrets being disclosed on stdout and log files.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1753.json","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1753.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1753","reference_id":"","reference_type":"","scores":[{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.1278","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.12825","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.12862","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.12896","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.12816","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.12766","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.12964","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.12914","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.12845","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1753"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1753","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1753"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10156","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10156"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10206","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10206"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14846","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14846"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14864","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14864"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14904","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14904"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10684","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10684"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10685","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10685"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10729","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10729"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14330","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14330"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14332","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14332"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14365","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14365"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1733","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1733"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1735","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1735"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1739","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1739"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1740","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1740"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1746","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1746"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1753","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1753"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20228","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20228"},{"reference_url":"https://github.com/advisories/GHSA-86hp-cj9j-33vv","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"6.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-86hp-cj9j-33vv"},{"reference_url":"https://github.com/ansible/ansible/commit/04ba05e003b268b83df6c106ba5c0f08548b1380","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/commit/04ba05e003b268b83df6c106ba5c0f08548b1380"},{"reference_url":"https://github.com/ansible/ansible/commit/137caed836ef096945086cfe75dc11587b68db3a","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/commit/137caed836ef096945086cfe75dc11587b68db3a"},{"reference_url":"https://github.com/ansible/ansible/commit/273d8538dbe5a7b5c9954f1929d3bb00904c43f6","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/commit/273d8538dbe5a7b5c9954f1929d3bb00904c43f6"},{"reference_url":"https://github.com/ansible/ansible/pull/68195","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/pull/68195"},{"reference_url":"https://github.com/ansible-collections/kubernetes","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible-collections/kubernetes"},{"reference_url":"https://github.com/ansible-collections/kubernetes/pull/51","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible-collections/kubernetes/pull/51"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2020-210.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2020-210.yaml"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DKPA4KC3OJSUFASUYMG66HKJE7ADNGFW/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DKPA4KC3OJSUFASUYMG66HKJE7ADNGFW/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRRYUU5ZBLPBXCYG6CFP35D64NP2UB2S/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRRYUU5ZBLPBXCYG6CFP35D64NP2UB2S/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WQVOQD4VAIXXTVQAJKTN7NUGTJFE2PCB/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WQVOQD4VAIXXTVQAJKTN7NUGTJFE2PCB/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DKPA4KC3OJSUFASUYMG66HKJE7ADNGFW","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DKPA4KC3OJSUFASUYMG66HKJE7ADNGFW"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DKPA4KC3OJSUFASUYMG66HKJE7ADNGFW/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DKPA4KC3OJSUFASUYMG66HKJE7ADNGFW/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRRYUU5ZBLPBXCYG6CFP35D64NP2UB2S","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRRYUU5ZBLPBXCYG6CFP35D64NP2UB2S"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRRYUU5ZBLPBXCYG6CFP35D64NP2UB2S/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRRYUU5ZBLPBXCYG6CFP35D64NP2UB2S/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WQVOQD4VAIXXTVQAJKTN7NUGTJFE2PCB","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WQVOQD4VAIXXTVQAJKTN7NUGTJFE2PCB"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WQVOQD4VAIXXTVQAJKTN7NUGTJFE2PCB/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WQVOQD4VAIXXTVQAJKTN7NUGTJFE2PCB/"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-1753","reference_id":"","reference_type":"","scores":[{"value":"2.1","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:N/C:P/I:N/A:N"},{"value":"5.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"},{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-1753"},{"reference_url":"https://security.gentoo.org/glsa/202006-11","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.gentoo.org/glsa/202006-11"},{"reference_url":"https://www.debian.org/security/2021/dsa-4950","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.debian.org/security/2021/dsa-4950"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1811008","reference_id":"1811008","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1811008"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_engine:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:ansible_engine:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_engine:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_tower:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:ansible_tower:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_tower:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1541","reference_id":"RHSA-2020:1541","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1541"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1542","reference_id":"RHSA-2020:1542","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1542"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2142","reference_id":"RHSA-2020:2142","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2142"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/7570?format=json","purl":"pkg:pypi/ansible@2.7.17","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-ezaq-tqd3-4yd1"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-jnmu-c8dt-5yb6"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-r6bb-p28b-8fcn"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-x94k-nxyd-27gs"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.7.17"},{"url":"http://public2.vulnerablecode.io/api/packages/7571?format=json","purl":"pkg:pypi/ansible@2.7.18","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-jnmu-c8dt-5yb6"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-r6bb-p28b-8fcn"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-x94k-nxyd-27gs"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.7.18"},{"url":"http://public2.vulnerablecode.io/api/packages/7572?format=json","purl":"pkg:pypi/ansible@2.8.0a1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-a49n-tvnt-p3df"},{"vulnerability":"VCID-ae1r-yq1g-rkem"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-b8zs-br97-57av"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-d4ka-dk4p-kfhb"},{"vulnerability":"VCID-d7ez-s7qb-p3ay"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-ezaq-tqd3-4yd1"},{"vulnerability":"VCID-ezux-6buh-h7h7"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-h1n3-cmte-eugf"},{"vulnerability":"VCID-hqar-fca3-cbht"},{"vulnerability":"VCID-jnmu-c8dt-5yb6"},{"vulnerability":"VCID-jrxz-b168-7ug4"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-kb5h-116p-33b4"},{"vulnerability":"VCID-nukv-kkws-xkb1"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-r6bb-p28b-8fcn"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-uhg5-zpzt-e3gz"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-x5e2-7whc-v3fc"},{"vulnerability":"VCID-x94k-nxyd-27gs"},{"vulnerability":"VCID-xg2f-12w4-yqge"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-yur3-am6j-w7ay"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.0a1"},{"url":"http://public2.vulnerablecode.io/api/packages/10050?format=json","purl":"pkg:pypi/ansible@2.8.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-b8zs-br97-57av"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-d7ez-s7qb-p3ay"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-ezaq-tqd3-4yd1"},{"vulnerability":"VCID-ezux-6buh-h7h7"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-h1n3-cmte-eugf"},{"vulnerability":"VCID-hqar-fca3-cbht"},{"vulnerability":"VCID-jrxz-b168-7ug4"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-x94k-nxyd-27gs"},{"vulnerability":"VCID-xg2f-12w4-yqge"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-yur3-am6j-w7ay"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.9"},{"url":"http://public2.vulnerablecode.io/api/packages/10145?format=json","purl":"pkg:pypi/ansible@2.8.11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-ezaq-tqd3-4yd1"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-jrxz-b168-7ug4"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-x94k-nxyd-27gs"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.11"},{"url":"http://public2.vulnerablecode.io/api/packages/10621?format=json","purl":"pkg:pypi/ansible@2.8.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-jrxz-b168-7ug4"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-x94k-nxyd-27gs"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.12"},{"url":"http://public2.vulnerablecode.io/api/packages/10051?format=json","purl":"pkg:pypi/ansible@2.9.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3jej-4jyp-cqbt"},{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-b8zs-br97-57av"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-d7ez-s7qb-p3ay"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-ezaq-tqd3-4yd1"},{"vulnerability":"VCID-ezux-6buh-h7h7"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-h1n3-cmte-eugf"},{"vulnerability":"VCID-hqar-fca3-cbht"},{"vulnerability":"VCID-jrxz-b168-7ug4"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-xg2f-12w4-yqge"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-yur3-am6j-w7ay"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.6"},{"url":"http://public2.vulnerablecode.io/api/packages/10146?format=json","purl":"pkg:pypi/ansible@2.9.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-jrxz-b168-7ug4"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.7"}],"aliases":["CVE-2020-1753","GHSA-86hp-cj9j-33vv","PYSEC-2020-210"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ezaq-tqd3-4yd1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6457?format=json","vulnerability_id":"VCID-fj2p-7wkh-1fhq","summary":"A flaw was found in ansible module where credentials are disclosed in the console log by default and not protected by the security feature when using the bitbucket_pipeline_variable module. This flaw allows an attacker to steal bitbucket_pipeline credentials. The highest threat from this vulnerability is to confidentiality.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20178.json","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20178.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-20178","reference_id":"","reference_type":"","scores":[{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13388","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13435","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13471","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13411","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13498","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13448","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13367","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13571","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.1351","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-20178"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1914774","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1914774"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20178","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20178"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/advisories/GHSA-wv5p-gmmv-wh9v","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-wv5p-gmmv-wh9v"},{"reference_url":"https://github.com/ansible/ansible/blob/v2.9.18/changelogs/CHANGELOG-v2.9.rst#security-fixes","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/blob/v2.9.18/changelogs/CHANGELOG-v2.9.rst#security-fixes"},{"reference_url":"https://github.com/ansible/ansible/blob/v2.9.18/changelogs/CHANGELOG-v2.9.rst#security-fixes,","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/blob/v2.9.18/changelogs/CHANGELOG-v2.9.rst#security-fixes,"},{"reference_url":"https://github.com/ansible/ansible/blob/v2.9.18/changelogs/CHANGELOG-v2.9.rst#security-fixes%2C","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/blob/v2.9.18/changelogs/CHANGELOG-v2.9.rst#security-fixes%2C"},{"reference_url":"https://github.com/ansible-collections/community.general/commit/1d0c5e2ba47724c31a18d7b08b9daf13df8829dc","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible-collections/community.general/commit/1d0c5e2ba47724c31a18d7b08b9daf13df8829dc"},{"reference_url":"https://github.com/ansible-collections/community.general/pull/1635","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible-collections/community.general/pull/1635"},{"reference_url":"https://github.com/ansible-collections/community.general/pull/1635,","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/ansible-collections/community.general/pull/1635,"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2021-106.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2021-106.yaml"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/12/msg00018.html","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2023/12/msg00018.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUQ2QKAQA5OW2TY3ACZZMFIAJ2EQTG37","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUQ2QKAQA5OW2TY3ACZZMFIAJ2EQTG37"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HIU7QZUV73U6ZQ65VJWSFBTCALVXLH55","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HIU7QZUV73U6ZQ65VJWSFBTCALVXLH55"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUQ2QKAQA5OW2TY3ACZZMFIAJ2EQTG37","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUQ2QKAQA5OW2TY3ACZZMFIAJ2EQTG37"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUQ2QKAQA5OW2TY3ACZZMFIAJ2EQTG37/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUQ2QKAQA5OW2TY3ACZZMFIAJ2EQTG37/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HIU7QZUV73U6ZQ65VJWSFBTCALVXLH55","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HIU7QZUV73U6ZQ65VJWSFBTCALVXLH55"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HIU7QZUV73U6ZQ65VJWSFBTCALVXLH55/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HIU7QZUV73U6ZQ65VJWSFBTCALVXLH55/"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-20178","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-20178"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985753","reference_id":"985753","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985753"},{"reference_url":"https://security.archlinux.org/ASA-202102-9","reference_id":"ASA-202102-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202102-9"},{"reference_url":"https://security.archlinux.org/AVG-1437","reference_id":"AVG-1437","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1437"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0663","reference_id":"RHSA-2021:0663","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0663"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0664","reference_id":"RHSA-2021:0664","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0664"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1079","reference_id":"RHSA-2021:1079","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1079"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2180","reference_id":"RHSA-2021:2180","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2180"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/13310?format=json","purl":"pkg:pypi/ansible@2.9.18","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.18"}],"aliases":["CVE-2021-20178","GHSA-wv5p-gmmv-wh9v","PYSEC-2021-106"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fj2p-7wkh-1fhq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/8498?format=json","vulnerability_id":"VCID-geaa-6dxx-tbcw","summary":"A flaw was found in Ansible Engine's ansible-connection module, where sensitive information such as the Ansible user credentials is disclosed by default in the traceback error message. The highest threat from this vulnerability is to confidentiality.","references":[{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3871","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2021:3871"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3872","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2021:3872"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3874","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2021:3874"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4703","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2021:4703"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4750","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2021:4750"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3620.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3620.json"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2021-3620","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/security/cve/CVE-2021-3620"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3620","reference_id":"","reference_type":"","scores":[{"value":"0.0029","scoring_system":"epss","scoring_elements":"0.52409","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0029","scoring_system":"epss","scoring_elements":"0.52437","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0029","scoring_system":"epss","scoring_elements":"0.52402","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0029","scoring_system":"epss","scoring_elements":"0.52455","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0029","scoring_system":"epss","scoring_elements":"0.52364","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0029","scoring_system":"epss","scoring_elements":"0.525","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0029","scoring_system":"epss","scoring_elements":"0.52484","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0029","scoring_system":"epss","scoring_elements":"0.52468","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0029","scoring_system":"epss","scoring_elements":"0.52449","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3620"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1975767","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:09:25Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1975767"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3620","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3620"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/advisories/GHSA-4r65-35qq-ch8j","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"6.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-4r65-35qq-ch8j"},{"reference_url":"https://github.com/ansible/ansible","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible"},{"reference_url":"https://github.com/ansible/ansible/blob/stable-2.9/changelogs/CHANGELOG-v2.9.rst#security-fixes","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:09:25Z/"}],"url":"https://github.com/ansible/ansible/blob/stable-2.9/changelogs/CHANGELOG-v2.9.rst#security-fixes"},{"reference_url":"https://github.com/ansible/ansible/commit/fe28767970c8ec62aabe493c46b53a5de1e5fac0","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:09:25Z/"}],"url":"https://github.com/ansible/ansible/commit/fe28767970c8ec62aabe493c46b53a5de1e5fac0"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2022-164.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2022-164.yaml"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/12/msg00018.html","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:09:25Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/12/msg00018.html"},{"reference_url":"https://security.archlinux.org/AVG-1941","reference_id":"AVG-1941","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1941"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-3620","reference_id":"CVE-2021-3620","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-3620"},{"reference_url":"https://usn.ubuntu.com/USN-5315-1/","reference_id":"USN-USN-5315-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-5315-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/13328?format=json","purl":"pkg:pypi/ansible@2.9.27","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.27"}],"aliases":["CVE-2021-3620","GHSA-4r65-35qq-ch8j","PYSEC-2022-164"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-geaa-6dxx-tbcw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6044?format=json","vulnerability_id":"VCID-hqar-fca3-cbht","summary":"A race condition flaw was found in Ansible Engine 2.7.17 and prior, 2.8.9 and prior, 2.9.6 and prior when running a playbook with an unprivileged become user. When Ansible needs to run a module with become user, the temporary directory is created in /var/tmp. This directory is created with \"umask 77 && mkdir -p <dir>\"; this operation does not fail if the directory already exists and is owned by another user. An attacker could take advantage to gain control of the become user as the target directory can be retrieved by iterating '/proc/<pid>/cmdline'.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1733.json","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1733.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1733","reference_id":"","reference_type":"","scores":[{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08244","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08262","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08283","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08291","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08272","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08208","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08259","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08146","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08205","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1733"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1733","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L"},{"value":"1.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1733"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10156","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10156"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10206","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10206"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14846","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14846"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14864","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14864"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14904","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14904"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10684","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10684"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10685","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10685"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10729","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10729"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14330","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14330"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14332","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14332"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14365","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14365"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1733","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1733"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1735","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1735"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1739","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1739"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1740","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1740"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1746","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1746"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1753","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1753"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20228","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20228"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/advisories/GHSA-g4mq-6fp5-qwcf","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L"},{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"1.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-g4mq-6fp5-qwcf"},{"reference_url":"https://github.com/ansible/ansible","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L"},{"value":"1.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible"},{"reference_url":"https://github.com/ansible/ansible/commit/80b9a0a25c5f75e84aefc8f2b293fb1933b154f2","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L"},{"value":"1.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/commit/80b9a0a25c5f75e84aefc8f2b293fb1933b154f2"},{"reference_url":"https://github.com/ansible/ansible/commit/8251d9f4c2bc82632ab992277fcd30ccbf87aa47","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L"},{"value":"1.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/commit/8251d9f4c2bc82632ab992277fcd30ccbf87aa47"},{"reference_url":"https://github.com/ansible/ansible/commit/ecf99d5e1ff732a7777010facd6c98bb0994605e","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L"},{"value":"1.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/commit/ecf99d5e1ff732a7777010facd6c98bb0994605e"},{"reference_url":"https://github.com/ansible/ansible/issues/67791","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L"},{"value":"1.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/issues/67791"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2020-5.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L"},{"value":"1.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2020-5.yaml"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/05/msg00005.html","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L"},{"value":"1.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2020/05/msg00005.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DKPA4KC3OJSUFASUYMG66HKJE7ADNGFW/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DKPA4KC3OJSUFASUYMG66HKJE7ADNGFW/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRRYUU5ZBLPBXCYG6CFP35D64NP2UB2S/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRRYUU5ZBLPBXCYG6CFP35D64NP2UB2S/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WQVOQD4VAIXXTVQAJKTN7NUGTJFE2PCB/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WQVOQD4VAIXXTVQAJKTN7NUGTJFE2PCB/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DKPA4KC3OJSUFASUYMG66HKJE7ADNGFW","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L"},{"value":"1.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DKPA4KC3OJSUFASUYMG66HKJE7ADNGFW"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DKPA4KC3OJSUFASUYMG66HKJE7ADNGFW/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DKPA4KC3OJSUFASUYMG66HKJE7ADNGFW/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRRYUU5ZBLPBXCYG6CFP35D64NP2UB2S","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L"},{"value":"1.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRRYUU5ZBLPBXCYG6CFP35D64NP2UB2S"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRRYUU5ZBLPBXCYG6CFP35D64NP2UB2S/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRRYUU5ZBLPBXCYG6CFP35D64NP2UB2S/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WQVOQD4VAIXXTVQAJKTN7NUGTJFE2PCB","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L"},{"value":"1.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WQVOQD4VAIXXTVQAJKTN7NUGTJFE2PCB"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WQVOQD4VAIXXTVQAJKTN7NUGTJFE2PCB/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WQVOQD4VAIXXTVQAJKTN7NUGTJFE2PCB/"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-1733","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:H/Au:N/C:P/I:P/A:P"},{"value":"5.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L"},{"value":"1.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-1733"},{"reference_url":"https://security.gentoo.org/glsa/202006-11","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L"},{"value":"1.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.gentoo.org/glsa/202006-11"},{"reference_url":"https://www.debian.org/security/2021/dsa-4950","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L"},{"value":"1.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.debian.org/security/2021/dsa-4950"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1801735","reference_id":"1801735","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1801735"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:ansible:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_tower:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:ansible_tower:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_tower:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:cloudforms_management_engine:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:cloudforms_management_engine:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:cloudforms_management_engine:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1541","reference_id":"RHSA-2020:1541","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1541"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1542","reference_id":"RHSA-2020:1542","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1542"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1543","reference_id":"RHSA-2020:1543","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1543"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1544","reference_id":"RHSA-2020:1544","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1544"},{"reference_url":"https://usn.ubuntu.com/USN-5315-1/","reference_id":"USN-USN-5315-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-5315-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/7570?format=json","purl":"pkg:pypi/ansible@2.7.17","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-ezaq-tqd3-4yd1"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-jnmu-c8dt-5yb6"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-r6bb-p28b-8fcn"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-x94k-nxyd-27gs"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.7.17"},{"url":"http://public2.vulnerablecode.io/api/packages/10045?format=json","purl":"pkg:pypi/ansible@2.8.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-ae1r-yq1g-rkem"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-b8zs-br97-57av"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-d7ez-s7qb-p3ay"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-ezaq-tqd3-4yd1"},{"vulnerability":"VCID-ezux-6buh-h7h7"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-h1n3-cmte-eugf"},{"vulnerability":"VCID-hqar-fca3-cbht"},{"vulnerability":"VCID-jrxz-b168-7ug4"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-x94k-nxyd-27gs"},{"vulnerability":"VCID-xg2f-12w4-yqge"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-yur3-am6j-w7ay"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.8"},{"url":"http://public2.vulnerablecode.io/api/packages/10145?format=json","purl":"pkg:pypi/ansible@2.8.11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-ezaq-tqd3-4yd1"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-jrxz-b168-7ug4"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-x94k-nxyd-27gs"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.11"},{"url":"http://public2.vulnerablecode.io/api/packages/10051?format=json","purl":"pkg:pypi/ansible@2.9.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3jej-4jyp-cqbt"},{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-b8zs-br97-57av"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-d7ez-s7qb-p3ay"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-ezaq-tqd3-4yd1"},{"vulnerability":"VCID-ezux-6buh-h7h7"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-h1n3-cmte-eugf"},{"vulnerability":"VCID-hqar-fca3-cbht"},{"vulnerability":"VCID-jrxz-b168-7ug4"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-xg2f-12w4-yqge"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-yur3-am6j-w7ay"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.6"},{"url":"http://public2.vulnerablecode.io/api/packages/10146?format=json","purl":"pkg:pypi/ansible@2.9.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-jrxz-b168-7ug4"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.7"}],"aliases":["CVE-2020-1733","GHSA-g4mq-6fp5-qwcf","PYSEC-2020-5"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hqar-fca3-cbht"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5946?format=json","vulnerability_id":"VCID-jnmu-c8dt-5yb6","summary":"A vulnerability was found in Ansible engine 2.x up to 2.8 and Ansible tower 3.x up to 3.5. When a module has an argument_spec with sub parameters marked as no_log, passing an invalid parameter name to the module will cause the task to fail before the no_log options in the sub parameters are processed. As a result, data in the sub parameter fields will not be masked and will be displayed if Ansible is run with increased verbosity and present in the module invocation arguments for the task.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00021.html","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00021.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00026.html","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00026.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3201","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:3201"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3202","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:3202"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3203","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:3203"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3207","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:3207"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0756","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2020:0756"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14858.json","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14858.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14858","reference_id":"","reference_type":"","scores":[{"value":"0.00059","scoring_system":"epss","scoring_elements":"0.1843","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00059","scoring_system":"epss","scoring_elements":"0.18479","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00059","scoring_system":"epss","scoring_elements":"0.18624","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00059","scoring_system":"epss","scoring_elements":"0.18679","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00059","scoring_system":"epss","scoring_elements":"0.18394","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00059","scoring_system":"epss","scoring_elements":"0.18475","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00059","scoring_system":"epss","scoring_elements":"0.18528","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00059","scoring_system":"epss","scoring_elements":"0.18529","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00059","scoring_system":"epss","scoring_elements":"0.18481","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14858"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14858","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14858"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14858","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14858"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/ansible/ansible","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible"},{"reference_url":"https://github.com/ansible/ansible/commit/0fd656e9964a91f2e8b1e9bbf78c74661ab9d37b","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/commit/0fd656e9964a91f2e8b1e9bbf78c74661ab9d37b"},{"reference_url":"https://github.com/ansible/ansible/commit/3dfb8e81bb5f776a6b00c7a90dd087e85b71f8bb","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/commit/3dfb8e81bb5f776a6b00c7a90dd087e85b71f8bb"},{"reference_url":"https://github.com/ansible/ansible/commit/87f8d77d70476454f7fe2381bd363a329ce4266c","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/commit/87f8d77d70476454f7fe2381bd363a329ce4266c"},{"reference_url":"https://github.com/ansible/ansible/commit/f610ed3a4eb87eb557200606279796921fa9b722","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/commit/f610ed3a4eb87eb557200606279796921fa9b722"},{"reference_url":"https://github.com/ansible/ansible/pull/63405","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/pull/63405"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2019-171.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2019-171.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-14858","reference_id":"","reference_type":"","scores":[{"value":"2.1","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:N/C:P/I:N/A:N"},{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-14858"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1760593","reference_id":"1760593","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1760593"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942332","reference_id":"942332","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942332"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_engine:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:ansible_engine:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_engine:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_tower:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:ansible_tower:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_tower:*:*:*:*:*:*:*:*"},{"reference_url":"https://github.com/advisories/GHSA-h653-95qw-h2mp","reference_id":"GHSA-h653-95qw-h2mp","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-h653-95qw-h2mp"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/9396?format=json","purl":"pkg:pypi/ansible@2.6.20","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-ae1r-yq1g-rkem"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-b8zs-br97-57av"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-d4ka-dk4p-kfhb"},{"vulnerability":"VCID-d7ez-s7qb-p3ay"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-ezaq-tqd3-4yd1"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-hqar-fca3-cbht"},{"vulnerability":"VCID-jnmu-c8dt-5yb6"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-tdp4-h4ht-pqhs"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-x94k-nxyd-27gs"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-yur3-am6j-w7ay"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.6.20"},{"url":"http://public2.vulnerablecode.io/api/packages/7567?format=json","purl":"pkg:pypi/ansible@2.7.14","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-a49n-tvnt-p3df"},{"vulnerability":"VCID-ae1r-yq1g-rkem"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-b8zs-br97-57av"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-d4ka-dk4p-kfhb"},{"vulnerability":"VCID-d7ez-s7qb-p3ay"},{"vulnerability":"VCID-dagf-buer-4ffr"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-ezaq-tqd3-4yd1"},{"vulnerability":"VCID-ezux-6buh-h7h7"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-h1n3-cmte-eugf"},{"vulnerability":"VCID-hqar-fca3-cbht"},{"vulnerability":"VCID-jnmu-c8dt-5yb6"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-r6bb-p28b-8fcn"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-tdp4-h4ht-pqhs"},{"vulnerability":"VCID-uhg5-zpzt-e3gz"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-x94k-nxyd-27gs"},{"vulnerability":"VCID-xg2f-12w4-yqge"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-yur3-am6j-w7ay"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.7.14"},{"url":"http://public2.vulnerablecode.io/api/packages/7579?format=json","purl":"pkg:pypi/ansible@2.8.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-7uu9-tj6b-quf6"},{"vulnerability":"VCID-a49n-tvnt-p3df"},{"vulnerability":"VCID-ae1r-yq1g-rkem"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-b8zs-br97-57av"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-ckt2-us5z-pyef"},{"vulnerability":"VCID-d4ka-dk4p-kfhb"},{"vulnerability":"VCID-d7ez-s7qb-p3ay"},{"vulnerability":"VCID-dagf-buer-4ffr"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-ezaq-tqd3-4yd1"},{"vulnerability":"VCID-ezux-6buh-h7h7"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-h1n3-cmte-eugf"},{"vulnerability":"VCID-hqar-fca3-cbht"},{"vulnerability":"VCID-jnmu-c8dt-5yb6"},{"vulnerability":"VCID-jrxz-b168-7ug4"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-kb5h-116p-33b4"},{"vulnerability":"VCID-nukv-kkws-xkb1"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-swpr-3qae-d7fe"},{"vulnerability":"VCID-t6db-buke-nfhf"},{"vulnerability":"VCID-tdp4-h4ht-pqhs"},{"vulnerability":"VCID-uhg5-zpzt-e3gz"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-x5e2-7whc-v3fc"},{"vulnerability":"VCID-x94k-nxyd-27gs"},{"vulnerability":"VCID-xg2f-12w4-yqge"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-ykxk-6mpc-wkgt"},{"vulnerability":"VCID-yur3-am6j-w7ay"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.1"},{"url":"http://public2.vulnerablecode.io/api/packages/9397?format=json","purl":"pkg:pypi/ansible@2.8.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-a49n-tvnt-p3df"},{"vulnerability":"VCID-ae1r-yq1g-rkem"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-b8zs-br97-57av"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-d4ka-dk4p-kfhb"},{"vulnerability":"VCID-d7ez-s7qb-p3ay"},{"vulnerability":"VCID-dagf-buer-4ffr"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-ezaq-tqd3-4yd1"},{"vulnerability":"VCID-ezux-6buh-h7h7"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-h1n3-cmte-eugf"},{"vulnerability":"VCID-hqar-fca3-cbht"},{"vulnerability":"VCID-jrxz-b168-7ug4"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-tdp4-h4ht-pqhs"},{"vulnerability":"VCID-uhg5-zpzt-e3gz"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-x94k-nxyd-27gs"},{"vulnerability":"VCID-xg2f-12w4-yqge"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-yur3-am6j-w7ay"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.6"},{"url":"http://public2.vulnerablecode.io/api/packages/13298?format=json","purl":"pkg:pypi/ansible@2.9.0rc4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3jej-4jyp-cqbt"},{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-a49n-tvnt-p3df"},{"vulnerability":"VCID-ae1r-yq1g-rkem"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-b8zs-br97-57av"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-d4ka-dk4p-kfhb"},{"vulnerability":"VCID-d7ez-s7qb-p3ay"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-ezaq-tqd3-4yd1"},{"vulnerability":"VCID-ezux-6buh-h7h7"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-h1n3-cmte-eugf"},{"vulnerability":"VCID-hqar-fca3-cbht"},{"vulnerability":"VCID-jrxz-b168-7ug4"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-uhg5-zpzt-e3gz"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-x94k-nxyd-27gs"},{"vulnerability":"VCID-xg2f-12w4-yqge"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-yur3-am6j-w7ay"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.0rc4"}],"aliases":["CVE-2019-14858","GHSA-h653-95qw-h2mp","PYSEC-2019-171"],"risk_score":3.3,"exploitability":"0.5","weighted_severity":"6.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jnmu-c8dt-5yb6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/221223?format=json","vulnerability_id":"VCID-js7k-ptm9-2yh1","summary":"Ethereum 0xe933c0cd9784414d5f278c114904f5a84b396919#code.sol latest version is affected by a denial of service vulnerability in the affected payout function. Once the length of this array is too long, it will result in an exception. Attackers can make attacks by creating a series of account addresses.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-20178","reference_id":"","reference_type":"","scores":[{"value":"0.00389","scoring_system":"epss","scoring_elements":"0.59975","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00389","scoring_system":"epss","scoring_elements":"0.59852","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00389","scoring_system":"epss","scoring_elements":"0.59928","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00389","scoring_system":"epss","scoring_elements":"0.59954","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00389","scoring_system":"epss","scoring_elements":"0.59924","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00389","scoring_system":"epss","scoring_elements":"0.59974","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00389","scoring_system":"epss","scoring_elements":"0.59987","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00389","scoring_system":"epss","scoring_elements":"0.60008","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00389","scoring_system":"epss","scoring_elements":"0.59993","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-20178"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1914774","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1914774"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-20178","reference_id":"CVE-2020-20178","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-20178"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/13310?format=json","purl":"pkg:pypi/ansible@2.9.18","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.18"}],"aliases":["CVE-2020-20178"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-js7k-ptm9-2yh1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5941?format=json","vulnerability_id":"VCID-kb5h-116p-33b4","summary":"In Ansible, all Ansible Engine versions up to ansible-engine 2.8.5, ansible-engine 2.7.13, ansible-engine 2.6.19, were logging at the DEBUG level which lead to a disclosure of credentials if a plugin used a library that logged credentials at the DEBUG level. This flaw does not affect Ansible modules, as those are executed in a separate process.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00021.html","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00021.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00026.html","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00026.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3201","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:3201"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3202","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:3202"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3203","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:3203"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3207","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:3207"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0756","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2020:0756"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14846.json","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14846.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14846","reference_id":"","reference_type":"","scores":[{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.35985","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.35913","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.36104","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.36134","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.3597","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.36019","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.36043","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.36048","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.3601","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14846"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14846","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14846"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10156","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10156"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10206","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10206"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14846","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14846"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14864","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14864"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14904","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14904"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10684","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10684"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10685","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10685"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10729","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10729"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14330","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14330"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14332","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14332"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14365","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14365"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1733","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1733"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1735","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1735"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1739","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1739"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1740","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1740"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1746","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1746"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1753","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1753"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20228","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20228"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/ansible/ansible","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible"},{"reference_url":"https://github.com/ansible/ansible/commit/90e74dd2600e5cc42dd9b4f4656f3d651c4ce5c4","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/commit/90e74dd2600e5cc42dd9b4f4656f3d651c4ce5c4"},{"reference_url":"https://github.com/ansible/ansible/commit/cb0f535a8b254a2daf69cd067e842fabb2993034","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/commit/cb0f535a8b254a2daf69cd067e842fabb2993034"},{"reference_url":"https://github.com/ansible/ansible/commit/d961f676c01023a6a21503df16ba551a550e515b","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/commit/d961f676c01023a6a21503df16ba551a550e515b"},{"reference_url":"https://github.com/ansible/ansible/pull/63366","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/pull/63366"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2019-4.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2019-4.yaml"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/05/msg00005.html","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2020/05/msg00005.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2021/01/msg00023.html","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2021/01/msg00023.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-14846","reference_id":"","reference_type":"","scores":[{"value":"2.1","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:N/C:P/I:N/A:N"},{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-14846"},{"reference_url":"https://www.debian.org/security/2021/dsa-4950","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.debian.org/security/2021/dsa-4950"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1755373","reference_id":"1755373","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1755373"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942188","reference_id":"942188","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942188"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_engine:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:ansible_engine:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_engine:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_engine:2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:ansible_engine:2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_engine:2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_engine:2.8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:ansible_engine:2.8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_engine:2.8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://github.com/advisories/GHSA-pm48-cvv2-29q5","reference_id":"GHSA-pm48-cvv2-29q5","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-pm48-cvv2-29q5"},{"reference_url":"https://usn.ubuntu.com/7330-1/","reference_id":"USN-7330-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7330-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/9396?format=json","purl":"pkg:pypi/ansible@2.6.20","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-ae1r-yq1g-rkem"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-b8zs-br97-57av"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-d4ka-dk4p-kfhb"},{"vulnerability":"VCID-d7ez-s7qb-p3ay"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-ezaq-tqd3-4yd1"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-hqar-fca3-cbht"},{"vulnerability":"VCID-jnmu-c8dt-5yb6"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-tdp4-h4ht-pqhs"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-x94k-nxyd-27gs"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-yur3-am6j-w7ay"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.6.20"},{"url":"http://public2.vulnerablecode.io/api/packages/7567?format=json","purl":"pkg:pypi/ansible@2.7.14","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-a49n-tvnt-p3df"},{"vulnerability":"VCID-ae1r-yq1g-rkem"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-b8zs-br97-57av"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-d4ka-dk4p-kfhb"},{"vulnerability":"VCID-d7ez-s7qb-p3ay"},{"vulnerability":"VCID-dagf-buer-4ffr"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-ezaq-tqd3-4yd1"},{"vulnerability":"VCID-ezux-6buh-h7h7"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-h1n3-cmte-eugf"},{"vulnerability":"VCID-hqar-fca3-cbht"},{"vulnerability":"VCID-jnmu-c8dt-5yb6"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-r6bb-p28b-8fcn"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-tdp4-h4ht-pqhs"},{"vulnerability":"VCID-uhg5-zpzt-e3gz"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-x94k-nxyd-27gs"},{"vulnerability":"VCID-xg2f-12w4-yqge"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-yur3-am6j-w7ay"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.7.14"},{"url":"http://public2.vulnerablecode.io/api/packages/9397?format=json","purl":"pkg:pypi/ansible@2.8.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-a49n-tvnt-p3df"},{"vulnerability":"VCID-ae1r-yq1g-rkem"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-b8zs-br97-57av"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-d4ka-dk4p-kfhb"},{"vulnerability":"VCID-d7ez-s7qb-p3ay"},{"vulnerability":"VCID-dagf-buer-4ffr"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-ezaq-tqd3-4yd1"},{"vulnerability":"VCID-ezux-6buh-h7h7"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-h1n3-cmte-eugf"},{"vulnerability":"VCID-hqar-fca3-cbht"},{"vulnerability":"VCID-jrxz-b168-7ug4"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-tdp4-h4ht-pqhs"},{"vulnerability":"VCID-uhg5-zpzt-e3gz"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-x94k-nxyd-27gs"},{"vulnerability":"VCID-xg2f-12w4-yqge"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-yur3-am6j-w7ay"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.6"},{"url":"http://public2.vulnerablecode.io/api/packages/13294?format=json","purl":"pkg:pypi/ansible@2.9.0b1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3jej-4jyp-cqbt"},{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-a49n-tvnt-p3df"},{"vulnerability":"VCID-ae1r-yq1g-rkem"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-b8zs-br97-57av"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-d4ka-dk4p-kfhb"},{"vulnerability":"VCID-d7ez-s7qb-p3ay"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-ezaq-tqd3-4yd1"},{"vulnerability":"VCID-ezux-6buh-h7h7"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-h1n3-cmte-eugf"},{"vulnerability":"VCID-hqar-fca3-cbht"},{"vulnerability":"VCID-jnmu-c8dt-5yb6"},{"vulnerability":"VCID-jrxz-b168-7ug4"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-uhg5-zpzt-e3gz"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-x94k-nxyd-27gs"},{"vulnerability":"VCID-xg2f-12w4-yqge"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-yur3-am6j-w7ay"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.0b1"}],"aliases":["CVE-2019-14846","GHSA-pm48-cvv2-29q5","PYSEC-2019-4"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kb5h-116p-33b4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5825?format=json","vulnerability_id":"VCID-puq1-z5h7-pkdg","summary":"ansible before versions 2.5.14, 2.6.11, 2.7.5 is vulnerable to a information disclosure flaw in vvv+ mode with no_log on that can lead to leakage of sensible data.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00021.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00021.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00077.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00077.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00020.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00020.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:3835","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2018:3835"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:3836","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2018:3836"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:3837","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2018:3837"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:3838","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2018:3838"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0564","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:0564"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0590","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:0590"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16876.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16876.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16876","reference_id":"","reference_type":"","scores":[{"value":"0.00638","scoring_system":"epss","scoring_elements":"0.70437","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00638","scoring_system":"epss","scoring_elements":"0.70446","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00638","scoring_system":"epss","scoring_elements":"0.70491","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00638","scoring_system":"epss","scoring_elements":"0.70506","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00638","scoring_system":"epss","scoring_elements":"0.7053","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00638","scoring_system":"epss","scoring_elements":"0.70515","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00638","scoring_system":"epss","scoring_elements":"0.70501","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00638","scoring_system":"epss","scoring_elements":"0.70451","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00638","scoring_system":"epss","scoring_elements":"0.70468","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16876"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16876","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16876"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10855","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10855"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10875","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10875"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16837","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16837"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16876","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16876"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3828","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3828"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/ansible/ansible","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible"},{"reference_url":"https://github.com/ansible/ansible/commit/0954942dfdc563f80fd3e388f550aa165ec931da","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/commit/0954942dfdc563f80fd3e388f550aa165ec931da"},{"reference_url":"https://github.com/ansible/ansible/commit/424c68f15ad9f532d73e5afed33ff477f54281a7","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/commit/424c68f15ad9f532d73e5afed33ff477f54281a7"},{"reference_url":"https://github.com/ansible/ansible/commit/e0a81d133ffc8f7067182c53cf6a28c724dd1099","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/commit/e0a81d133ffc8f7067182c53cf6a28c724dd1099"},{"reference_url":"https://github.com/ansible/ansible/issues/51318","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/issues/51318"},{"reference_url":"https://github.com/ansible/ansible/pull/49569","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/pull/49569"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2019-141.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2019-141.yaml"},{"reference_url":"https://usn.ubuntu.com/4072-1","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://usn.ubuntu.com/4072-1"},{"reference_url":"https://usn.ubuntu.com/4072-1/","reference_id":"","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4072-1/"},{"reference_url":"https://web.archive.org/web/20200227100904/http://www.securityfocus.com/bid/106225","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20200227100904/http://www.securityfocus.com/bid/106225"},{"reference_url":"https://www.debian.org/security/2019/dsa-4396","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.debian.org/security/2019/dsa-4396"},{"reference_url":"http://www.securityfocus.com/bid/106225","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/106225"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1657330","reference_id":"1657330","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1657330"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916102","reference_id":"916102","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916102"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:ansible:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_engine:2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:ansible_engine:2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_engine:2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_engine:2.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:ansible_engine:2.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_engine:2.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_engine:2.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:ansible_engine:2.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_engine:2.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_engine:2.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:ansible_engine:2.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_engine:2.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:14:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:openstack:14:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:14:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:suse:package_hub:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:suse:package_hub:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:suse:package_hub:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-16876","reference_id":"CVE-2018-16876","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:S/C:P/I:N/A:N"},{"value":"3.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-16876"},{"reference_url":"https://github.com/advisories/GHSA-j569-fghw-f9rx","reference_id":"GHSA-j569-fghw-f9rx","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-j569-fghw-f9rx"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/7732?format=json","purl":"pkg:pypi/ansible@2.5.14","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-ae1r-yq1g-rkem"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-b1pw-nusu-27c4"},{"vulnerability":"VCID-b8zs-br97-57av"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-d4ka-dk4p-kfhb"},{"vulnerability":"VCID-d7ez-s7qb-p3ay"},{"vulnerability":"VCID-drt9-vx5r-akgm"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-ezaq-tqd3-4yd1"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-hqar-fca3-cbht"},{"vulnerability":"VCID-jnmu-c8dt-5yb6"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-kb5h-116p-33b4"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-t6db-buke-nfhf"},{"vulnerability":"VCID-tdp4-h4ht-pqhs"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-x5e2-7whc-v3fc"},{"vulnerability":"VCID-x94k-nxyd-27gs"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-ykxk-6mpc-wkgt"},{"vulnerability":"VCID-yur3-am6j-w7ay"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.5.14"},{"url":"http://public2.vulnerablecode.io/api/packages/7733?format=json","purl":"pkg:pypi/ansible@2.6.11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-ae1r-yq1g-rkem"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-b1pw-nusu-27c4"},{"vulnerability":"VCID-b8zs-br97-57av"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-ckt2-us5z-pyef"},{"vulnerability":"VCID-d4ka-dk4p-kfhb"},{"vulnerability":"VCID-d7ez-s7qb-p3ay"},{"vulnerability":"VCID-drt9-vx5r-akgm"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-ezaq-tqd3-4yd1"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-hqar-fca3-cbht"},{"vulnerability":"VCID-jnmu-c8dt-5yb6"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-kb5h-116p-33b4"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-swpr-3qae-d7fe"},{"vulnerability":"VCID-t6db-buke-nfhf"},{"vulnerability":"VCID-tdp4-h4ht-pqhs"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-x5e2-7whc-v3fc"},{"vulnerability":"VCID-x94k-nxyd-27gs"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-ykxk-6mpc-wkgt"},{"vulnerability":"VCID-yur3-am6j-w7ay"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.6.11"},{"url":"http://public2.vulnerablecode.io/api/packages/7558?format=json","purl":"pkg:pypi/ansible@2.7.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-a49n-tvnt-p3df"},{"vulnerability":"VCID-ae1r-yq1g-rkem"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-b1pw-nusu-27c4"},{"vulnerability":"VCID-b8zs-br97-57av"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-ckt2-us5z-pyef"},{"vulnerability":"VCID-d4ka-dk4p-kfhb"},{"vulnerability":"VCID-d7ez-s7qb-p3ay"},{"vulnerability":"VCID-dagf-buer-4ffr"},{"vulnerability":"VCID-drt9-vx5r-akgm"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-ezaq-tqd3-4yd1"},{"vulnerability":"VCID-ezux-6buh-h7h7"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-h1n3-cmte-eugf"},{"vulnerability":"VCID-hqar-fca3-cbht"},{"vulnerability":"VCID-jnmu-c8dt-5yb6"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-kb5h-116p-33b4"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-r6bb-p28b-8fcn"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-swpr-3qae-d7fe"},{"vulnerability":"VCID-t6db-buke-nfhf"},{"vulnerability":"VCID-tdp4-h4ht-pqhs"},{"vulnerability":"VCID-uhg5-zpzt-e3gz"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-x5e2-7whc-v3fc"},{"vulnerability":"VCID-x94k-nxyd-27gs"},{"vulnerability":"VCID-xg2f-12w4-yqge"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-ykxk-6mpc-wkgt"},{"vulnerability":"VCID-yur3-am6j-w7ay"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.7.5"}],"aliases":["CVE-2018-16876","GHSA-j569-fghw-f9rx","PYSEC-2019-141"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-puq1-z5h7-pkdg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/23740?format=json","vulnerability_id":"VCID-qbdk-hxhg-wbh4","summary":"Ansible Community General Collection is vulnerable to exposure of sensitive information\nA flaw was found in ansible-collection-community-general. This vulnerability allows for information exposure (IE) of sensitive credentials, specifically plaintext passwords, via verbose output when running Ansible with debug modes. Attackers with access to logs could retrieve these secrets and potentially compromise Keycloak accounts or administrative access.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14010.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14010.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-14010","reference_id":"","reference_type":"","scores":[{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03045","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03031","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.0471","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04677","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04694","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04671","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04705","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04717","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-14010"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2418774","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-05T17:22:53Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2418774"},{"reference_url":"https://github.com/ansible-collections/community.general","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible-collections/community.general"},{"reference_url":"https://github.com/ansible-collections/community.general/commit/08e56bbb9b57740a879d3057d84cdb02a162b840","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible-collections/community.general/commit/08e56bbb9b57740a879d3057d84cdb02a162b840"},{"reference_url":"https://github.com/ansible-collections/community.general/commit/54af64ad363efe280b34102d2637fe272c1f7320","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/ansible-collections/community.general/commit/54af64ad363efe280b34102d2637fe272c1f7320"},{"reference_url":"https://github.com/ansible-collections/community.general/issues/11000","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible-collections/community.general/issues/11000"},{"reference_url":"https://github.com/ansible-collections/community.general/pull/11005","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/ansible-collections/community.general/pull/11005"},{"reference_url":"https://github.com/ansible-community/ansible-build-data/blob/12.2.0/12/CHANGELOG-v12.md#security-fixes","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible-community/ansible-build-data/blob/12.2.0/12/CHANGELOG-v12.md#security-fixes"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121951","reference_id":"1121951","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121951"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:5","reference_id":"cpe:/a:redhat:ceph_storage:5","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:5"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:6","reference_id":"cpe:/a:redhat:ceph_storage:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:7","reference_id":"cpe:/a:redhat:ceph_storage:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:8","reference_id":"cpe:/a:redhat:ceph_storage:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openstack:17.1","reference_id":"cpe:/a:redhat:openstack:17.1","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openstack:17.1"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openstack:18.0","reference_id":"cpe:/a:redhat:openstack:18.0","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openstack:18.0"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-14010","reference_id":"CVE-2025-14010","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-05T17:22:53Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-14010"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-14010","reference_id":"CVE-2025-14010","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-14010"},{"reference_url":"https://github.com/advisories/GHSA-8ggh-xwr9-3373","reference_id":"GHSA-8ggh-xwr9-3373","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-8ggh-xwr9-3373"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/66749?format=json","purl":"pkg:pypi/ansible@12.0.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@12.0.0"},{"url":"http://public2.vulnerablecode.io/api/packages/69360?format=json","purl":"pkg:pypi/ansible@12.2.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@12.2.0"}],"aliases":["CVE-2025-14010","GHSA-8ggh-xwr9-3373"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qbdk-hxhg-wbh4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5812?format=json","vulnerability_id":"VCID-r6bb-p28b-8fcn","summary":"Execution of Ansible playbooks on Windows platforms with PowerShell ScriptBlock logging and Module logging enabled can allow for 'become' passwords to appear in EventLogs in plaintext. A local user with administrator privileges on the machine can view these logs and discover the plaintext password. Ansible Engine 2.8 and older are believed to be vulnerable.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00021.html","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00021.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00077.html","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00077.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00020.html","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00020.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:3770","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2018:3770"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:3771","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2018:3771"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:3772","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2018:3772"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:3773","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2018:3773"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16859.json","reference_id":"","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16859.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16859","reference_id":"","reference_type":"","scores":[{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26464","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26567","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.2656","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26512","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26442","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26657","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26612","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26562","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26521","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16859"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16859","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16859"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16859","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16859"},{"reference_url":"https://cwe.mitre.org/data/definitions/200.html","reference_id":"","reference_type":"","scores":[],"url":"https://cwe.mitre.org/data/definitions/200.html"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/ansible/ansible","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible"},{"reference_url":"https://github.com/ansible/ansible/blob/v2.5.13/changelogs/CHANGELOG-v2.5.rst","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/blob/v2.5.13/changelogs/CHANGELOG-v2.5.rst"},{"reference_url":"https://github.com/ansible/ansible/commit/0d746b4198abf84290a093b83cf02b4203d73d9f","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/commit/0d746b4198abf84290a093b83cf02b4203d73d9f"},{"reference_url":"https://github.com/ansible/ansible/commit/2f8d3fcf41107efafc14d51ab6e14531ca8f8c87","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/commit/2f8d3fcf41107efafc14d51ab6e14531ca8f8c87"},{"reference_url":"https://github.com/ansible/ansible/commit/4d748d34f9392aa469da00a85c8e2d5fe6cec52b","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/commit/4d748d34f9392aa469da00a85c8e2d5fe6cec52b"},{"reference_url":"https://github.com/ansible/ansible/commit/8c1f701e6e9df29fe991f98265e2dd76acca4b8c","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/ansible/ansible/commit/8c1f701e6e9df29fe991f98265e2dd76acca4b8c"},{"reference_url":"https://github.com/ansible/ansible/pull/49142","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/pull/49142"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2018-60.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2018-60.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-16859","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-16859"},{"reference_url":"https://web.archive.org/web/20200227102121/http://www.securityfocus.com/bid/106004","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20200227102121/http://www.securityfocus.com/bid/106004"},{"reference_url":"http://www.securityfocus.com/bid/106004","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/106004"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1649607","reference_id":"1649607","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1649607"},{"reference_url":"https://github.com/advisories/GHSA-v735-2pp6-h86r","reference_id":"GHSA-v735-2pp6-h86r","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-v735-2pp6-h86r"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/7553?format=json","purl":"pkg:pypi/ansible@2.5.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-ae1r-yq1g-rkem"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-b1pw-nusu-27c4"},{"vulnerability":"VCID-b8zs-br97-57av"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-d4ka-dk4p-kfhb"},{"vulnerability":"VCID-d7ez-s7qb-p3ay"},{"vulnerability":"VCID-drt9-vx5r-akgm"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-ezaq-tqd3-4yd1"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-hqar-fca3-cbht"},{"vulnerability":"VCID-jnmu-c8dt-5yb6"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-kb5h-116p-33b4"},{"vulnerability":"VCID-puq1-z5h7-pkdg"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-r6bb-p28b-8fcn"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-t6db-buke-nfhf"},{"vulnerability":"VCID-tdp4-h4ht-pqhs"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-x5e2-7whc-v3fc"},{"vulnerability":"VCID-x94k-nxyd-27gs"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-ykxk-6mpc-wkgt"},{"vulnerability":"VCID-yur3-am6j-w7ay"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.5.12"},{"url":"http://public2.vulnerablecode.io/api/packages/7580?format=json","purl":"pkg:pypi/ansible@2.5.13","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-ae1r-yq1g-rkem"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-b1pw-nusu-27c4"},{"vulnerability":"VCID-b8zs-br97-57av"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-d4ka-dk4p-kfhb"},{"vulnerability":"VCID-d7ez-s7qb-p3ay"},{"vulnerability":"VCID-drt9-vx5r-akgm"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-ezaq-tqd3-4yd1"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-hqar-fca3-cbht"},{"vulnerability":"VCID-jnmu-c8dt-5yb6"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-kb5h-116p-33b4"},{"vulnerability":"VCID-puq1-z5h7-pkdg"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-t6db-buke-nfhf"},{"vulnerability":"VCID-tdp4-h4ht-pqhs"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-x5e2-7whc-v3fc"},{"vulnerability":"VCID-x94k-nxyd-27gs"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-ykxk-6mpc-wkgt"},{"vulnerability":"VCID-yur3-am6j-w7ay"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.5.13"},{"url":"http://public2.vulnerablecode.io/api/packages/7555?format=json","purl":"pkg:pypi/ansible@2.6.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-ae1r-yq1g-rkem"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-b1pw-nusu-27c4"},{"vulnerability":"VCID-b8zs-br97-57av"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-ckt2-us5z-pyef"},{"vulnerability":"VCID-d4ka-dk4p-kfhb"},{"vulnerability":"VCID-d7ez-s7qb-p3ay"},{"vulnerability":"VCID-drt9-vx5r-akgm"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-ezaq-tqd3-4yd1"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-hqar-fca3-cbht"},{"vulnerability":"VCID-jnmu-c8dt-5yb6"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-kb5h-116p-33b4"},{"vulnerability":"VCID-puq1-z5h7-pkdg"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-r6bb-p28b-8fcn"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-swpr-3qae-d7fe"},{"vulnerability":"VCID-t6db-buke-nfhf"},{"vulnerability":"VCID-tdp4-h4ht-pqhs"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-x5e2-7whc-v3fc"},{"vulnerability":"VCID-x94k-nxyd-27gs"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-ykxk-6mpc-wkgt"},{"vulnerability":"VCID-yur3-am6j-w7ay"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.6.9"},{"url":"http://public2.vulnerablecode.io/api/packages/7581?format=json","purl":"pkg:pypi/ansible@2.6.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-ae1r-yq1g-rkem"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-b1pw-nusu-27c4"},{"vulnerability":"VCID-b8zs-br97-57av"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-ckt2-us5z-pyef"},{"vulnerability":"VCID-d4ka-dk4p-kfhb"},{"vulnerability":"VCID-d7ez-s7qb-p3ay"},{"vulnerability":"VCID-drt9-vx5r-akgm"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-ezaq-tqd3-4yd1"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-hqar-fca3-cbht"},{"vulnerability":"VCID-jnmu-c8dt-5yb6"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-kb5h-116p-33b4"},{"vulnerability":"VCID-puq1-z5h7-pkdg"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-swpr-3qae-d7fe"},{"vulnerability":"VCID-t6db-buke-nfhf"},{"vulnerability":"VCID-tdp4-h4ht-pqhs"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-x5e2-7whc-v3fc"},{"vulnerability":"VCID-x94k-nxyd-27gs"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-ykxk-6mpc-wkgt"},{"vulnerability":"VCID-yur3-am6j-w7ay"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.6.10"},{"url":"http://public2.vulnerablecode.io/api/packages/7557?format=json","purl":"pkg:pypi/ansible@2.7.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-a49n-tvnt-p3df"},{"vulnerability":"VCID-ae1r-yq1g-rkem"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-b1pw-nusu-27c4"},{"vulnerability":"VCID-b8zs-br97-57av"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-ckt2-us5z-pyef"},{"vulnerability":"VCID-d4ka-dk4p-kfhb"},{"vulnerability":"VCID-d7ez-s7qb-p3ay"},{"vulnerability":"VCID-dagf-buer-4ffr"},{"vulnerability":"VCID-drt9-vx5r-akgm"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-ezaq-tqd3-4yd1"},{"vulnerability":"VCID-ezux-6buh-h7h7"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-h1n3-cmte-eugf"},{"vulnerability":"VCID-hqar-fca3-cbht"},{"vulnerability":"VCID-jnmu-c8dt-5yb6"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-kb5h-116p-33b4"},{"vulnerability":"VCID-puq1-z5h7-pkdg"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-r6bb-p28b-8fcn"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-swpr-3qae-d7fe"},{"vulnerability":"VCID-t6db-buke-nfhf"},{"vulnerability":"VCID-tdp4-h4ht-pqhs"},{"vulnerability":"VCID-uhg5-zpzt-e3gz"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-x5e2-7whc-v3fc"},{"vulnerability":"VCID-x94k-nxyd-27gs"},{"vulnerability":"VCID-xg2f-12w4-yqge"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-ykxk-6mpc-wkgt"},{"vulnerability":"VCID-yur3-am6j-w7ay"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.7.3"},{"url":"http://public2.vulnerablecode.io/api/packages/7578?format=json","purl":"pkg:pypi/ansible@2.7.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-a49n-tvnt-p3df"},{"vulnerability":"VCID-ae1r-yq1g-rkem"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-b1pw-nusu-27c4"},{"vulnerability":"VCID-b8zs-br97-57av"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-ckt2-us5z-pyef"},{"vulnerability":"VCID-d4ka-dk4p-kfhb"},{"vulnerability":"VCID-d7ez-s7qb-p3ay"},{"vulnerability":"VCID-dagf-buer-4ffr"},{"vulnerability":"VCID-drt9-vx5r-akgm"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-ezaq-tqd3-4yd1"},{"vulnerability":"VCID-ezux-6buh-h7h7"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-h1n3-cmte-eugf"},{"vulnerability":"VCID-hqar-fca3-cbht"},{"vulnerability":"VCID-jnmu-c8dt-5yb6"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-kb5h-116p-33b4"},{"vulnerability":"VCID-puq1-z5h7-pkdg"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-swpr-3qae-d7fe"},{"vulnerability":"VCID-t6db-buke-nfhf"},{"vulnerability":"VCID-tdp4-h4ht-pqhs"},{"vulnerability":"VCID-uhg5-zpzt-e3gz"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-x5e2-7whc-v3fc"},{"vulnerability":"VCID-x94k-nxyd-27gs"},{"vulnerability":"VCID-xg2f-12w4-yqge"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-ykxk-6mpc-wkgt"},{"vulnerability":"VCID-yur3-am6j-w7ay"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.7.4"},{"url":"http://public2.vulnerablecode.io/api/packages/7579?format=json","purl":"pkg:pypi/ansible@2.8.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-7uu9-tj6b-quf6"},{"vulnerability":"VCID-a49n-tvnt-p3df"},{"vulnerability":"VCID-ae1r-yq1g-rkem"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-b8zs-br97-57av"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-ckt2-us5z-pyef"},{"vulnerability":"VCID-d4ka-dk4p-kfhb"},{"vulnerability":"VCID-d7ez-s7qb-p3ay"},{"vulnerability":"VCID-dagf-buer-4ffr"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-ezaq-tqd3-4yd1"},{"vulnerability":"VCID-ezux-6buh-h7h7"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-h1n3-cmte-eugf"},{"vulnerability":"VCID-hqar-fca3-cbht"},{"vulnerability":"VCID-jnmu-c8dt-5yb6"},{"vulnerability":"VCID-jrxz-b168-7ug4"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-kb5h-116p-33b4"},{"vulnerability":"VCID-nukv-kkws-xkb1"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-swpr-3qae-d7fe"},{"vulnerability":"VCID-t6db-buke-nfhf"},{"vulnerability":"VCID-tdp4-h4ht-pqhs"},{"vulnerability":"VCID-uhg5-zpzt-e3gz"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-x5e2-7whc-v3fc"},{"vulnerability":"VCID-x94k-nxyd-27gs"},{"vulnerability":"VCID-xg2f-12w4-yqge"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-ykxk-6mpc-wkgt"},{"vulnerability":"VCID-yur3-am6j-w7ay"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.1"}],"aliases":["CVE-2018-16859","GHSA-v735-2pp6-h86r","PYSEC-2018-60"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r6bb-p28b-8fcn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6083?format=json","vulnerability_id":"VCID-rdwq-93d6-c7b4","summary":"An incomplete fix was found for the fix of the flaw CVE-2020-1733 ansible: insecure temporary directory when running become_user from become directive. The provided fix is insufficient to prevent the race condition on systems using ACLs and FUSE filesystems. Ansible Engine 2.7.18, 2.8.12, and 2.9.9 as well as previous versions are affected and Ansible Tower 3.4.5, 3.5.6 and 3.6.4 as well as previous versions are affected.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10744.json","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10744.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-10744","reference_id":"","reference_type":"","scores":[{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11545","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.1157","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11597","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11537","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11452","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11664","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11607","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.1148","published_at":"2026-04-01T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-10744"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10744","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L"},{"value":"2.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10744"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10744","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10744"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/advisories/GHSA-vp9j-rghq-8jhh","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L"},{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"2.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-vp9j-rghq-8jhh"},{"reference_url":"https://github.com/ansible/ansible","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L"},{"value":"2.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible"},{"reference_url":"https://github.com/ansible/ansible/commit/77d0effcc5b2da1ef23e4ba32986a9759c27c10d","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L"},{"value":"2.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/commit/77d0effcc5b2da1ef23e4ba32986a9759c27c10d"},{"reference_url":"https://github.com/ansible/ansible/commit/84afa8e90cd168ff13208c8eae3e533ce7e21e1f","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L"},{"value":"2.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/commit/84afa8e90cd168ff13208c8eae3e533ce7e21e1f"},{"reference_url":"https://github.com/ansible/ansible/commit/ffd3757fc35468a97791e452e7f2d14c3e3fcb80","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L"},{"value":"2.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/commit/ffd3757fc35468a97791e452e7f2d14c3e3fcb80"},{"reference_url":"https://github.com/ansible/ansible/issues/69782","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L"},{"value":"2.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/issues/69782"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2020-208.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L"},{"value":"2.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2020-208.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1835566","reference_id":"1835566","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1835566"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=966660","reference_id":"966660","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=966660"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-10744","reference_id":"CVE-2020-10744","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L"},{"value":"2.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-10744"},{"reference_url":"https://usn.ubuntu.com/USN-5315-1/","reference_id":"USN-USN-5315-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-5315-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/7572?format=json","purl":"pkg:pypi/ansible@2.8.0a1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-a49n-tvnt-p3df"},{"vulnerability":"VCID-ae1r-yq1g-rkem"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-b8zs-br97-57av"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-d4ka-dk4p-kfhb"},{"vulnerability":"VCID-d7ez-s7qb-p3ay"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-ezaq-tqd3-4yd1"},{"vulnerability":"VCID-ezux-6buh-h7h7"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-h1n3-cmte-eugf"},{"vulnerability":"VCID-hqar-fca3-cbht"},{"vulnerability":"VCID-jnmu-c8dt-5yb6"},{"vulnerability":"VCID-jrxz-b168-7ug4"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-kb5h-116p-33b4"},{"vulnerability":"VCID-nukv-kkws-xkb1"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-r6bb-p28b-8fcn"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-uhg5-zpzt-e3gz"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-x5e2-7whc-v3fc"},{"vulnerability":"VCID-x94k-nxyd-27gs"},{"vulnerability":"VCID-xg2f-12w4-yqge"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-yur3-am6j-w7ay"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.0a1"},{"url":"http://public2.vulnerablecode.io/api/packages/10624?format=json","purl":"pkg:pypi/ansible@2.8.13","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-jrxz-b168-7ug4"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-x94k-nxyd-27gs"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.13"},{"url":"http://public2.vulnerablecode.io/api/packages/10625?format=json","purl":"pkg:pypi/ansible@2.9.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-jrxz-b168-7ug4"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.10"},{"url":"http://public2.vulnerablecode.io/api/packages/13282?format=json","purl":"pkg:pypi/ansible@2.9.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-jrxz-b168-7ug4"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.12"},{"url":"http://public2.vulnerablecode.io/api/packages/13340?format=json","purl":"pkg:pypi/ansible@2.10.0rc1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.10.0rc1"}],"aliases":["CVE-2020-10744","GHSA-vp9j-rghq-8jhh","PYSEC-2020-208"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rdwq-93d6-c7b4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6177?format=json","vulnerability_id":"VCID-rg5d-st3d-nbah","summary":"A flaw was found in Ansible Base when using the aws_ssm connection plugin as garbage collector is not happening after playbook run is completed. Files would remain in the bucket exposing the data. This issue affects directly data confidentiality.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25635.json","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25635.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25635","reference_id":"","reference_type":"","scores":[{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25003","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25057","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25098","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25083","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25039","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25199","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.2497","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25158","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25073","published_at":"2026-04-01T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25635"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-25635","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-25635"},{"reference_url":"https://github.com/ansible/ansible","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible"},{"reference_url":"https://github.com/ansible-collections/community.aws/issues/222","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible-collections/community.aws/issues/222"},{"reference_url":"https://github.com/ansible-collections/community.aws/pull/237#issuecomment-1468591094","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible-collections/community.aws/pull/237#issuecomment-1468591094"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2020-220.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2020-220.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1880275","reference_id":"1880275","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1880275"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-25635","reference_id":"CVE-2020-25635","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-25635"},{"reference_url":"https://github.com/advisories/GHSA-f556-49jc-4rvc","reference_id":"GHSA-f556-49jc-4rvc","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-f556-49jc-4rvc"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/13575?format=json","purl":"pkg:pypi/ansible@2.10.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2jy6-eqpn-wbce"},{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.10.1"}],"aliases":["CVE-2020-25635","GHSA-f556-49jc-4rvc","PYSEC-2020-220"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rg5d-st3d-nbah"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5797?format=json","vulnerability_id":"VCID-rknj-nkgs-wyg2","summary":"Ansible \"User\" module leaks any data which is passed on as a parameter to ssh-keygen. This could lean in undesirable situations such as passphrases credentials passed as a parameter for the ssh-keygen executable. Showing those credentials in clear text form for every user which have access just to the process list.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00021.html","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00021.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00077.html","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00077.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00020.html","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00020.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:3460","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2018:3460"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:3461","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2018:3461"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:3462","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2018:3462"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:3463","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2018:3463"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:3505","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2018:3505"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16837.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16837.json"},{"reference_url":"https://access.redhat.com/security/cve/cve-2018-16837","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/security/cve/cve-2018-16837"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16837","reference_id":"","reference_type":"","scores":[{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12429","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12291","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12329","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12367","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.1236","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12309","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.1223","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12385","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.1227","published_at":"2026-04-01T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16837"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16837","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16837"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10855","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10855"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10875","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10875"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16837","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16837"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16876","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16876"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3828","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3828"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/ansible/ansible","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible"},{"reference_url":"https://github.com/ansible/ansible/blob/c963ef1dfbf73efea5106624eb48b346f01eaefd/changelogs/CHANGELOG-v2.7.rst?plain=1#L138","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/blob/c963ef1dfbf73efea5106624eb48b346f01eaefd/changelogs/CHANGELOG-v2.7.rst?plain=1#L138"},{"reference_url":"https://github.com/ansible/ansible/blob/stable-2.5/changelogs/CHANGELOG-v2.5.rst#v2511","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/ansible/ansible/blob/stable-2.5/changelogs/CHANGELOG-v2.5.rst#v2511"},{"reference_url":"https://github.com/ansible/ansible/blob/stable-2.6/changelogs/CHANGELOG-v2.6.rst#v267","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/ansible/ansible/blob/stable-2.6/changelogs/CHANGELOG-v2.6.rst#v267"},{"reference_url":"https://github.com/ansible/ansible/blob/stable-2.7/changelogs/CHANGELOG-v2.7.rst#v2-7-1","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/ansible/ansible/blob/stable-2.7/changelogs/CHANGELOG-v2.7.rst#v2-7-1"},{"reference_url":"https://github.com/ansible/ansible/commit/77928e6c3a2ad878b20312ce5d74d9d7741e0df0","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/commit/77928e6c3a2ad878b20312ce5d74d9d7741e0df0"},{"reference_url":"https://github.com/ansible/ansible/commit/a0aa53d1a1d6075a7ae98ace138712ee6cb45ae4","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/ansible/ansible/commit/a0aa53d1a1d6075a7ae98ace138712ee6cb45ae4"},{"reference_url":"https://github.com/ansible/ansible/commit/b618339c321c387230d3ea523e80ad47af3de5cf","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/commit/b618339c321c387230d3ea523e80ad47af3de5cf"},{"reference_url":"https://github.com/ansible/ansible/commit/f50cc0b8cb399bb7b7c1ad23b94c9404f0cc6d23","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/commit/f50cc0b8cb399bb7b7c1ad23b94c9404f0cc6d23"},{"reference_url":"https://github.com/ansible/ansible/pull/47436","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/pull/47436"},{"reference_url":"https://github.com/ansible/ansible/pull/47445","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/pull/47445"},{"reference_url":"https://github.com/ansible/ansible/pull/47486","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/pull/47486"},{"reference_url":"https://github.com/ansible/ansible/pull/47487","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/pull/47487"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2018-44.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2018-44.yaml"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/11/msg00012.html","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2018/11/msg00012.html"},{"reference_url":"https://usn.ubuntu.com/4072-1","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://usn.ubuntu.com/4072-1"},{"reference_url":"https://usn.ubuntu.com/4072-1/","reference_id":"","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4072-1/"},{"reference_url":"https://web.archive.org/web/20200227105539/http://www.securityfocus.com/bid/105700","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20200227105539/http://www.securityfocus.com/bid/105700"},{"reference_url":"https://www.debian.org/security/2019/dsa-4396","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.debian.org/security/2019/dsa-4396"},{"reference_url":"http://www.securityfocus.com/bid/105700","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/105700"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1640642","reference_id":"1640642","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1640642"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=912297","reference_id":"912297","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=912297"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-16837","reference_id":"CVE-2018-16837","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-16837"},{"reference_url":"https://github.com/advisories/GHSA-hwrm-63v2-42g4","reference_id":"GHSA-hwrm-63v2-42g4","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-hwrm-63v2-42g4"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/7404?format=json","purl":"pkg:pypi/ansible@2.5.11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-ae1r-yq1g-rkem"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-b1pw-nusu-27c4"},{"vulnerability":"VCID-b8zs-br97-57av"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-d4ka-dk4p-kfhb"},{"vulnerability":"VCID-d7ez-s7qb-p3ay"},{"vulnerability":"VCID-drt9-vx5r-akgm"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-ezaq-tqd3-4yd1"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-hqar-fca3-cbht"},{"vulnerability":"VCID-jnmu-c8dt-5yb6"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-kb5h-116p-33b4"},{"vulnerability":"VCID-puq1-z5h7-pkdg"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-r6bb-p28b-8fcn"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-t6db-buke-nfhf"},{"vulnerability":"VCID-tdp4-h4ht-pqhs"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-x5e2-7whc-v3fc"},{"vulnerability":"VCID-x94k-nxyd-27gs"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-ykxk-6mpc-wkgt"},{"vulnerability":"VCID-yur3-am6j-w7ay"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.5.11"},{"url":"http://public2.vulnerablecode.io/api/packages/7403?format=json","purl":"pkg:pypi/ansible@2.6.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-ae1r-yq1g-rkem"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-b1pw-nusu-27c4"},{"vulnerability":"VCID-b8zs-br97-57av"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-ckt2-us5z-pyef"},{"vulnerability":"VCID-d4ka-dk4p-kfhb"},{"vulnerability":"VCID-d7ez-s7qb-p3ay"},{"vulnerability":"VCID-drt9-vx5r-akgm"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-ezaq-tqd3-4yd1"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-hqar-fca3-cbht"},{"vulnerability":"VCID-jnmu-c8dt-5yb6"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-kb5h-116p-33b4"},{"vulnerability":"VCID-puq1-z5h7-pkdg"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-r6bb-p28b-8fcn"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-swpr-3qae-d7fe"},{"vulnerability":"VCID-t6db-buke-nfhf"},{"vulnerability":"VCID-tdp4-h4ht-pqhs"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-x5e2-7whc-v3fc"},{"vulnerability":"VCID-x94k-nxyd-27gs"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-ykxk-6mpc-wkgt"},{"vulnerability":"VCID-yur3-am6j-w7ay"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.6.7"},{"url":"http://public2.vulnerablecode.io/api/packages/7402?format=json","purl":"pkg:pypi/ansible@2.7.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-a49n-tvnt-p3df"},{"vulnerability":"VCID-ae1r-yq1g-rkem"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-b1pw-nusu-27c4"},{"vulnerability":"VCID-b8zs-br97-57av"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-ckt2-us5z-pyef"},{"vulnerability":"VCID-d4ka-dk4p-kfhb"},{"vulnerability":"VCID-d7ez-s7qb-p3ay"},{"vulnerability":"VCID-dagf-buer-4ffr"},{"vulnerability":"VCID-drt9-vx5r-akgm"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-ezaq-tqd3-4yd1"},{"vulnerability":"VCID-ezux-6buh-h7h7"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-h1n3-cmte-eugf"},{"vulnerability":"VCID-hqar-fca3-cbht"},{"vulnerability":"VCID-jnmu-c8dt-5yb6"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-kb5h-116p-33b4"},{"vulnerability":"VCID-puq1-z5h7-pkdg"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-r6bb-p28b-8fcn"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-swpr-3qae-d7fe"},{"vulnerability":"VCID-t6db-buke-nfhf"},{"vulnerability":"VCID-tdp4-h4ht-pqhs"},{"vulnerability":"VCID-uhg5-zpzt-e3gz"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-x5e2-7whc-v3fc"},{"vulnerability":"VCID-x94k-nxyd-27gs"},{"vulnerability":"VCID-xg2f-12w4-yqge"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-ykxk-6mpc-wkgt"},{"vulnerability":"VCID-yur3-am6j-w7ay"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.7.1"}],"aliases":["CVE-2018-16837","GHSA-hwrm-63v2-42g4","PYSEC-2018-44"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rknj-nkgs-wyg2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/89675?format=json","vulnerability_id":"VCID-t6db-buke-nfhf","summary":"A flaw was discovered in the way Ansible templating was implemented in versions before 2.6.18, 2.7.12 and 2.8.2, causing the possibility of information disclosure through unexpected variable substitution. By taking advantage of unintended variable substitution the content of any variable may be disclosed.","references":[{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3744","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3744"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3789","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3789"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10156","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10156"},{"reference_url":"https://github.com/ansible/ansible/pull/57188","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/ansible/ansible/pull/57188"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/09/msg00016.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2019/09/msg00016.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2021/01/msg00023.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2021/01/msg00023.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/8970?format=json","purl":"pkg:pypi/ansible@2.6.18","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-ae1r-yq1g-rkem"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-b8zs-br97-57av"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-ckt2-us5z-pyef"},{"vulnerability":"VCID-d4ka-dk4p-kfhb"},{"vulnerability":"VCID-d7ez-s7qb-p3ay"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-ezaq-tqd3-4yd1"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-hqar-fca3-cbht"},{"vulnerability":"VCID-jnmu-c8dt-5yb6"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-kb5h-116p-33b4"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-swpr-3qae-d7fe"},{"vulnerability":"VCID-tdp4-h4ht-pqhs"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-x94k-nxyd-27gs"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-ykxk-6mpc-wkgt"},{"vulnerability":"VCID-yur3-am6j-w7ay"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.6.18"},{"url":"http://public2.vulnerablecode.io/api/packages/7565?format=json","purl":"pkg:pypi/ansible@2.7.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-a49n-tvnt-p3df"},{"vulnerability":"VCID-ae1r-yq1g-rkem"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-b8zs-br97-57av"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-ckt2-us5z-pyef"},{"vulnerability":"VCID-d4ka-dk4p-kfhb"},{"vulnerability":"VCID-d7ez-s7qb-p3ay"},{"vulnerability":"VCID-dagf-buer-4ffr"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-ezaq-tqd3-4yd1"},{"vulnerability":"VCID-ezux-6buh-h7h7"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-h1n3-cmte-eugf"},{"vulnerability":"VCID-hqar-fca3-cbht"},{"vulnerability":"VCID-jnmu-c8dt-5yb6"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-kb5h-116p-33b4"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-r6bb-p28b-8fcn"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-swpr-3qae-d7fe"},{"vulnerability":"VCID-tdp4-h4ht-pqhs"},{"vulnerability":"VCID-uhg5-zpzt-e3gz"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-x94k-nxyd-27gs"},{"vulnerability":"VCID-xg2f-12w4-yqge"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-ykxk-6mpc-wkgt"},{"vulnerability":"VCID-yur3-am6j-w7ay"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.7.12"},{"url":"http://public2.vulnerablecode.io/api/packages/8971?format=json","purl":"pkg:pypi/ansible@2.8.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-7uu9-tj6b-quf6"},{"vulnerability":"VCID-a49n-tvnt-p3df"},{"vulnerability":"VCID-ae1r-yq1g-rkem"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-b8zs-br97-57av"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-ckt2-us5z-pyef"},{"vulnerability":"VCID-d4ka-dk4p-kfhb"},{"vulnerability":"VCID-d7ez-s7qb-p3ay"},{"vulnerability":"VCID-dagf-buer-4ffr"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-ezaq-tqd3-4yd1"},{"vulnerability":"VCID-ezux-6buh-h7h7"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-h1n3-cmte-eugf"},{"vulnerability":"VCID-hqar-fca3-cbht"},{"vulnerability":"VCID-jnmu-c8dt-5yb6"},{"vulnerability":"VCID-jrxz-b168-7ug4"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-kb5h-116p-33b4"},{"vulnerability":"VCID-nukv-kkws-xkb1"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-swpr-3qae-d7fe"},{"vulnerability":"VCID-tdp4-h4ht-pqhs"},{"vulnerability":"VCID-uhg5-zpzt-e3gz"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-x94k-nxyd-27gs"},{"vulnerability":"VCID-xg2f-12w4-yqge"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-ykxk-6mpc-wkgt"},{"vulnerability":"VCID-yur3-am6j-w7ay"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.2"}],"aliases":["PYSEC-2019-72"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t6db-buke-nfhf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/90800?format=json","vulnerability_id":"VCID-tdp4-h4ht-pqhs","summary":"A flaw was found in the solaris_zone module from the Ansible Community modules. When setting the name for the zone on the Solaris host, the zone name is checked by listing the process with the 'ps' bare command on the remote machine. An attacker could take advantage of this flaw by crafting the name of the zone and executing arbitrary commands in the remote host. Ansible Engine 2.7.15, 2.8.7, and 2.9.2 as well as previous versions are affected.","references":[{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1776944","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1776944"},{"reference_url":"https://github.com/ansible/ansible/pull/65686","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/ansible/ansible/pull/65686"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2021/01/msg00023.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2021/01/msg00023.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/7568?format=json","purl":"pkg:pypi/ansible@2.7.15","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-a49n-tvnt-p3df"},{"vulnerability":"VCID-ae1r-yq1g-rkem"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-b8zs-br97-57av"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-d4ka-dk4p-kfhb"},{"vulnerability":"VCID-d7ez-s7qb-p3ay"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-ezaq-tqd3-4yd1"},{"vulnerability":"VCID-ezux-6buh-h7h7"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-h1n3-cmte-eugf"},{"vulnerability":"VCID-hqar-fca3-cbht"},{"vulnerability":"VCID-jnmu-c8dt-5yb6"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-r6bb-p28b-8fcn"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-uhg5-zpzt-e3gz"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-x94k-nxyd-27gs"},{"vulnerability":"VCID-xg2f-12w4-yqge"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-yur3-am6j-w7ay"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.7.15"},{"url":"http://public2.vulnerablecode.io/api/packages/9832?format=json","purl":"pkg:pypi/ansible@2.8.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-a49n-tvnt-p3df"},{"vulnerability":"VCID-ae1r-yq1g-rkem"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-b8zs-br97-57av"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-d4ka-dk4p-kfhb"},{"vulnerability":"VCID-d7ez-s7qb-p3ay"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-ezaq-tqd3-4yd1"},{"vulnerability":"VCID-ezux-6buh-h7h7"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-h1n3-cmte-eugf"},{"vulnerability":"VCID-hqar-fca3-cbht"},{"vulnerability":"VCID-jrxz-b168-7ug4"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-uhg5-zpzt-e3gz"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-x94k-nxyd-27gs"},{"vulnerability":"VCID-xg2f-12w4-yqge"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-yur3-am6j-w7ay"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.7"},{"url":"http://public2.vulnerablecode.io/api/packages/10046?format=json","purl":"pkg:pypi/ansible@2.9.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3jej-4jyp-cqbt"},{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-a49n-tvnt-p3df"},{"vulnerability":"VCID-ae1r-yq1g-rkem"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-b8zs-br97-57av"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-d4ka-dk4p-kfhb"},{"vulnerability":"VCID-d7ez-s7qb-p3ay"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-ezaq-tqd3-4yd1"},{"vulnerability":"VCID-ezux-6buh-h7h7"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-h1n3-cmte-eugf"},{"vulnerability":"VCID-hqar-fca3-cbht"},{"vulnerability":"VCID-jrxz-b168-7ug4"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-x94k-nxyd-27gs"},{"vulnerability":"VCID-xg2f-12w4-yqge"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-yur3-am6j-w7ay"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.2"}],"aliases":["PYSEC-2020-180"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tdp4-h4ht-pqhs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/20488?format=json","vulnerability_id":"VCID-ujbp-cc1r-wfe9","summary":"Ansible symlink attack vulnerability\nAn absolute path traversal attack exists in the Ansible automation platform. This flaw allows an attacker to craft a malicious Ansible role and make the victim execute the role. A symlink can be used to overwrite a file outside of the extraction path.","references":[{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5701","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2023:5701"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5758","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2023:5758"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5115.json","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5115.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-5115","reference_id":"","reference_type":"","scores":[{"value":"0.00716","scoring_system":"epss","scoring_elements":"0.72353","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00716","scoring_system":"epss","scoring_elements":"0.72376","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00716","scoring_system":"epss","scoring_elements":"0.72388","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00716","scoring_system":"epss","scoring_elements":"0.72404","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00716","scoring_system":"epss","scoring_elements":"0.72381","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00716","scoring_system":"epss","scoring_elements":"0.7233","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00716","scoring_system":"epss","scoring_elements":"0.72335","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00716","scoring_system":"epss","scoring_elements":"0.72369","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-5115"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2233810","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2233810"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5115","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5115"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/ansible/ansible","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible"},{"reference_url":"https://github.com/ansible/ansible/commit/1e930684bc0a76ec3d094cd326738ad26416541c","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/commit/1e930684bc0a76ec3d094cd326738ad26416541c"},{"reference_url":"https://github.com/ansible-community/ansible-build-data/blob/16d36538b96c65d9e0e28d89781361b69857ac0e/8/CHANGELOG-v8.rst#L221","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible-community/ansible-build-data/blob/16d36538b96c65d9e0e28d89781361b69857ac0e/8/CHANGELOG-v8.rst#L221"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/12/msg00018.html","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2023/12/msg00018.html"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053693","reference_id":"1053693","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053693"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2023-5115","reference_id":"CVE-2023-5115","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/security/cve/CVE-2023-5115"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-5115","reference_id":"CVE-2023-5115","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-5115"},{"reference_url":"https://github.com/advisories/GHSA-jpvw-p8pr-9g2x","reference_id":"GHSA-jpvw-p8pr-9g2x","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-jpvw-p8pr-9g2x"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/62082?format=json","purl":"pkg:pypi/ansible@8.5.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qbdk-hxhg-wbh4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@8.5.0"}],"aliases":["CVE-2023-5115","GHSA-jpvw-p8pr-9g2x"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ujbp-cc1r-wfe9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6141?format=json","vulnerability_id":"VCID-v3h9-1t69-v7a3","summary":"An Improper Output Neutralization for Logs flaw was found in Ansible when using the uri module, where sensitive data is exposed to content and json output. This flaw allows an attacker to access the logs or outputs of performed tasks to read keys used in playbooks from other users within the uri module. The highest threat from this vulnerability is to data confidentiality.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14330.json","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14330.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-14330","reference_id":"","reference_type":"","scores":[{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32894","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32919","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32957","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32955","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32878","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.33048","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.33015","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32884","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32925","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-14330"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14330","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14330"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10156","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10156"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10206","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10206"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14846","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14846"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14864","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14864"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14904","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14904"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10684","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10684"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10685","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10685"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10729","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10729"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14330","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14330"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14332","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14332"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14365","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14365"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1733","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1733"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1735","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1735"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1739","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1739"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1740","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1740"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1746","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1746"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1753","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1753"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20228","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20228"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/advisories/GHSA-785x-qw4v-6872","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"6.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-785x-qw4v-6872"},{"reference_url":"https://github.com/ansible/ansible","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible"},{"reference_url":"https://github.com/ansible/ansible/commit/e0f25a2b1f9e6c21f751ba0ed2dc2eee2152983e","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/commit/e0f25a2b1f9e6c21f751ba0ed2dc2eee2152983e"},{"reference_url":"https://github.com/ansible/ansible/issues/68400","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/issues/68400"},{"reference_url":"https://github.com/ansible/ansible/pull/69653","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/pull/69653"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2020-3.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2020-3.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-14330","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-14330"},{"reference_url":"https://www.debian.org/security/2021/dsa-4950","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.debian.org/security/2021/dsa-4950"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1856815","reference_id":"1856815","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1856815"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3600","reference_id":"RHSA-2020:3600","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3600"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/13282?format=json","purl":"pkg:pypi/ansible@2.9.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-jrxz-b168-7ug4"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.12"},{"url":"http://public2.vulnerablecode.io/api/packages/13341?format=json","purl":"pkg:pypi/ansible@2.10.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.10.0"}],"aliases":["CVE-2020-14330","GHSA-785x-qw4v-6872","PYSEC-2020-3"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-v3h9-1t69-v7a3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6040?format=json","vulnerability_id":"VCID-whyk-3ynn-zyf4","summary":"A flaw was found in the pipe lookup plugin of ansible. Arbitrary commands can be run, when the pipe lookup plugin uses subprocess.Popen() with shell=True, by overwriting ansible facts and the variable is not escaped by quote plugin. An attacker could take advantage and run arbitrary commands by overwriting the ansible facts.","references":[{"reference_url":"https://access.redhat.com/errata/RHBA-2020:0547","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:L/SC:H/SI:H/SA:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHBA-2020:0547"},{"reference_url":"https://access.redhat.com/errata/RHBA-2020:1539","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:L/SC:H/SI:H/SA:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHBA-2020:1539"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1734.json","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1734.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1734","reference_id":"","reference_type":"","scores":[{"value":"0.00131","scoring_system":"epss","scoring_elements":"0.32653","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00131","scoring_system":"epss","scoring_elements":"0.32691","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00131","scoring_system":"epss","scoring_elements":"0.3269","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00131","scoring_system":"epss","scoring_elements":"0.32664","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00131","scoring_system":"epss","scoring_elements":"0.32616","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00131","scoring_system":"epss","scoring_elements":"0.32795","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00131","scoring_system":"epss","scoring_elements":"0.32759","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00131","scoring_system":"epss","scoring_elements":"0.32624","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00131","scoring_system":"epss","scoring_elements":"0.32626","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1734"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1801804","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:L/SC:H/SI:H/SA:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1801804"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1734","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:L/SC:H/SI:H/SA:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1734"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1734","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1734"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/advisories/GHSA-h39q-95q5-9jfp","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:L/SC:H/SI:H/SA:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-h39q-95q5-9jfp"},{"reference_url":"https://github.com/ansible/ansible","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:L/SC:H/SI:H/SA:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible"},{"reference_url":"https://github.com/ansible/ansible/commit/4f978af4ca16ad9828ffe42203b9615425195f8b","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:L/SC:H/SI:H/SA:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/commit/4f978af4ca16ad9828ffe42203b9615425195f8b"},{"reference_url":"https://github.com/ansible/ansible/commit/963bdd9983b91a48fb6949fb2ef41071e72d0be0","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:L/SC:H/SI:H/SA:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/commit/963bdd9983b91a48fb6949fb2ef41071e72d0be0"},{"reference_url":"https://github.com/ansible/ansible/commit/bff0724e9eab2770f874e018298f9ab74cc2a78f","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:L/SC:H/SI:H/SA:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/commit/bff0724e9eab2770f874e018298f9ab74cc2a78f"},{"reference_url":"https://github.com/ansible/ansible/commit/e5649ca3e807f17e7c034ee22791f107162973b0","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:L/SC:H/SI:H/SA:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/commit/e5649ca3e807f17e7c034ee22791f107162973b0"},{"reference_url":"https://github.com/ansible/ansible/issues/67792","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:L/SC:H/SI:H/SA:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/issues/67792"},{"reference_url":"https://github.com/ansible/ansible/issues/70159","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:L/SC:H/SI:H/SA:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/issues/70159"},{"reference_url":"https://github.com/ansible/ansible/pull/70596","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:L/SC:H/SI:H/SA:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/pull/70596"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2020-6.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:L/SC:H/SI:H/SA:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2020-6.yaml"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2020-1734","reference_id":"CVE-2020-1734","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:L/SC:H/SI:H/SA:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/security/cve/CVE-2020-1734"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-1734","reference_id":"CVE-2020-1734","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:L/SC:H/SI:H/SA:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-1734"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/7570?format=json","purl":"pkg:pypi/ansible@2.7.17","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-ezaq-tqd3-4yd1"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-jnmu-c8dt-5yb6"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-r6bb-p28b-8fcn"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-x94k-nxyd-27gs"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.7.17"},{"url":"http://public2.vulnerablecode.io/api/packages/10624?format=json","purl":"pkg:pypi/ansible@2.8.13","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-jrxz-b168-7ug4"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-x94k-nxyd-27gs"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.13"},{"url":"http://public2.vulnerablecode.io/api/packages/13280?format=json","purl":"pkg:pypi/ansible@2.9.11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-jrxz-b168-7ug4"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.11"},{"url":"http://public2.vulnerablecode.io/api/packages/13340?format=json","purl":"pkg:pypi/ansible@2.10.0rc1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.10.0rc1"}],"aliases":["CVE-2020-1734","GHSA-h39q-95q5-9jfp","PYSEC-2020-6"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-whyk-3ynn-zyf4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5745?format=json","vulnerability_id":"VCID-wqm7-2ajr-6ue8","summary":"In ansible it was found that inventory variables are loaded from current working directory when running ad-hoc command which are under attacker's control, allowing to run arbitrary code as a result.","references":[{"reference_url":"https://access.redhat.com/errata/RHBA-2018:3788","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHBA-2018:3788"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2150","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2018:2150"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2151","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2018:2151"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2152","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2018:2152"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2166","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2018:2166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2321","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2018:2321"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2585","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2018:2585"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0054","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:0054"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10874.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10874.json"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2018-10874","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/security/cve/CVE-2018-10874"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-10874","reference_id":"","reference_type":"","scores":[{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14406","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14348","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14404","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14441","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14492","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14437","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14354","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14546","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14476","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-10874"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1596528","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1596528"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10874","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10874"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10874","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10874"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/ansible/ansible","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible"},{"reference_url":"https://github.com/ansible/ansible/commit/10d6fe6c98cfee9a7be0fea6102ba5dec951aec7","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/commit/10d6fe6c98cfee9a7be0fea6102ba5dec951aec7"},{"reference_url":"https://github.com/ansible/ansible/commit/1f80949f964a946773f9d3ac1899535bd2cc2b8e","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/commit/1f80949f964a946773f9d3ac1899535bd2cc2b8e"},{"reference_url":"https://github.com/ansible/ansible/commit/44874addc7ea136f83c67d5869047ece02645fdb","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/commit/44874addc7ea136f83c67d5869047ece02645fdb"},{"reference_url":"https://github.com/ansible/ansible/pull/42067","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/pull/42067"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2018-81.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2018-81.yaml"},{"reference_url":"https://usn.ubuntu.com/4072-1","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://usn.ubuntu.com/4072-1"},{"reference_url":"https://usn.ubuntu.com/4072-1/","reference_id":"","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4072-1/"},{"reference_url":"https://web.archive.org/web/20201130165946/http://www.securitytracker.com/id/1041396","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20201130165946/http://www.securitytracker.com/id/1041396"},{"reference_url":"http://www.securitytracker.com/id/1041396","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1041396"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_engine:2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:ansible_engine:2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_engine:2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_engine:2.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:ansible_engine:2.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_engine:2.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_engine:2.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:ansible_engine:2.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_engine:2.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_engine:2.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:ansible_engine:2.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_engine:2.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:openstack:10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:openstack:12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-10874","reference_id":"CVE-2018-10874","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:N/C:P/I:P/A:P"},{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-10874"},{"reference_url":"https://github.com/advisories/GHSA-3xvg-x47j-x75w","reference_id":"GHSA-3xvg-x47j-x75w","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-3xvg-x47j-x75w"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/6632?format=json","purl":"pkg:pypi/ansible@2.4.6.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-ae1r-yq1g-rkem"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-b8zs-br97-57av"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-d4ka-dk4p-kfhb"},{"vulnerability":"VCID-d7ez-s7qb-p3ay"},{"vulnerability":"VCID-drt9-vx5r-akgm"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-ezaq-tqd3-4yd1"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-hqar-fca3-cbht"},{"vulnerability":"VCID-jnmu-c8dt-5yb6"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-kb5h-116p-33b4"},{"vulnerability":"VCID-puq1-z5h7-pkdg"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-r6bb-p28b-8fcn"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-rknj-nkgs-wyg2"},{"vulnerability":"VCID-t6db-buke-nfhf"},{"vulnerability":"VCID-tdp4-h4ht-pqhs"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-x5e2-7whc-v3fc"},{"vulnerability":"VCID-x94k-nxyd-27gs"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-y91x-2rch-pkar"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-ykxk-6mpc-wkgt"},{"vulnerability":"VCID-yur3-am6j-w7ay"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.4.6.0"},{"url":"http://public2.vulnerablecode.io/api/packages/6633?format=json","purl":"pkg:pypi/ansible@2.5.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-ae1r-yq1g-rkem"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-b1pw-nusu-27c4"},{"vulnerability":"VCID-b8zs-br97-57av"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-d4ka-dk4p-kfhb"},{"vulnerability":"VCID-d7ez-s7qb-p3ay"},{"vulnerability":"VCID-drt9-vx5r-akgm"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-ezaq-tqd3-4yd1"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-hqar-fca3-cbht"},{"vulnerability":"VCID-jnmu-c8dt-5yb6"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-kb5h-116p-33b4"},{"vulnerability":"VCID-puq1-z5h7-pkdg"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-r6bb-p28b-8fcn"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-rknj-nkgs-wyg2"},{"vulnerability":"VCID-t6db-buke-nfhf"},{"vulnerability":"VCID-tdp4-h4ht-pqhs"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-x5e2-7whc-v3fc"},{"vulnerability":"VCID-x94k-nxyd-27gs"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-y91x-2rch-pkar"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-ykxk-6mpc-wkgt"},{"vulnerability":"VCID-yur3-am6j-w7ay"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.5.6"},{"url":"http://public2.vulnerablecode.io/api/packages/6634?format=json","purl":"pkg:pypi/ansible@2.6.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-ae1r-yq1g-rkem"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-b1pw-nusu-27c4"},{"vulnerability":"VCID-b8zs-br97-57av"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-ckt2-us5z-pyef"},{"vulnerability":"VCID-d4ka-dk4p-kfhb"},{"vulnerability":"VCID-d7ez-s7qb-p3ay"},{"vulnerability":"VCID-drt9-vx5r-akgm"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-ezaq-tqd3-4yd1"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-hqar-fca3-cbht"},{"vulnerability":"VCID-jnmu-c8dt-5yb6"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-kb5h-116p-33b4"},{"vulnerability":"VCID-puq1-z5h7-pkdg"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-r6bb-p28b-8fcn"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-rknj-nkgs-wyg2"},{"vulnerability":"VCID-swpr-3qae-d7fe"},{"vulnerability":"VCID-t6db-buke-nfhf"},{"vulnerability":"VCID-tdp4-h4ht-pqhs"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-x5e2-7whc-v3fc"},{"vulnerability":"VCID-x94k-nxyd-27gs"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-ykxk-6mpc-wkgt"},{"vulnerability":"VCID-yur3-am6j-w7ay"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.6.1"}],"aliases":["CVE-2018-10874","GHSA-3xvg-x47j-x75w","PYSEC-2018-81"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wqm7-2ajr-6ue8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5914?format=json","vulnerability_id":"VCID-x5e2-7whc-v3fc","summary":"A flaw was discovered in the way Ansible templating was implemented in versions before 2.6.18, 2.7.12 and 2.8.2, causing the possibility of information disclosure through unexpected variable substitution. By taking advantage of unintended variable substitution the content of any variable may be disclosed.","references":[{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3744","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:3744"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3789","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:3789"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10156.json","reference_id":"","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10156.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10156","reference_id":"","reference_type":"","scores":[{"value":"0.005","scoring_system":"epss","scoring_elements":"0.65949","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00653","scoring_system":"epss","scoring_elements":"0.70844","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00653","scoring_system":"epss","scoring_elements":"0.7083","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00653","scoring_system":"epss","scoring_elements":"0.70837","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00653","scoring_system":"epss","scoring_elements":"0.70862","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00653","scoring_system":"epss","scoring_elements":"0.70881","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00653","scoring_system":"epss","scoring_elements":"0.70896","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00653","scoring_system":"epss","scoring_elements":"0.70919","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00653","scoring_system":"epss","scoring_elements":"0.70904","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10156"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10156","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10156"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10156","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10156"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10206","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10206"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14846","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14846"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14864","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14864"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14904","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14904"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10684","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10684"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10685","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10685"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10729","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10729"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14330","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14330"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14332","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14332"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14365","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14365"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1733","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1733"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1735","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1735"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1739","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1739"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1740","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1740"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1746","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1746"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1753","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1753"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20228","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20228"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/advisories/GHSA-grgm-pph5-j5h7","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-grgm-pph5-j5h7"},{"reference_url":"https://github.com/ansible/ansible","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible"},{"reference_url":"https://github.com/ansible/ansible/commit/04e94274fb92e116e9082cc9b86b1fd05c836922","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/commit/04e94274fb92e116e9082cc9b86b1fd05c836922"},{"reference_url":"https://github.com/ansible/ansible/commit/3ff6505e8ff0e4655bab008886983476ef903375","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/commit/3ff6505e8ff0e4655bab008886983476ef903375"},{"reference_url":"https://github.com/ansible/ansible/commit/a11c3edfa41e7e4a4db323cdabfc2eae1b61da2a","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/commit/a11c3edfa41e7e4a4db323cdabfc2eae1b61da2a"},{"reference_url":"https://github.com/ansible/ansible/pull/57188","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/pull/57188"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2019-2.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2019-2.yaml"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/09/msg00016.html","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2019/09/msg00016.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2021/01/msg00023.html","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2021/01/msg00023.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-10156","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-10156"},{"reference_url":"https://www.debian.org/security/2021/dsa-4950","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.debian.org/security/2021/dsa-4950"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1717311","reference_id":"1717311","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1717311"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=930065","reference_id":"930065","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=930065"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1705","reference_id":"RHSA-2019:1705","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1705"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1706","reference_id":"RHSA-2019:1706","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1706"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1707","reference_id":"RHSA-2019:1707","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1707"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1708","reference_id":"RHSA-2019:1708","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1708"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/8970?format=json","purl":"pkg:pypi/ansible@2.6.18","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-ae1r-yq1g-rkem"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-b8zs-br97-57av"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-ckt2-us5z-pyef"},{"vulnerability":"VCID-d4ka-dk4p-kfhb"},{"vulnerability":"VCID-d7ez-s7qb-p3ay"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-ezaq-tqd3-4yd1"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-hqar-fca3-cbht"},{"vulnerability":"VCID-jnmu-c8dt-5yb6"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-kb5h-116p-33b4"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-swpr-3qae-d7fe"},{"vulnerability":"VCID-tdp4-h4ht-pqhs"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-x94k-nxyd-27gs"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-ykxk-6mpc-wkgt"},{"vulnerability":"VCID-yur3-am6j-w7ay"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.6.18"},{"url":"http://public2.vulnerablecode.io/api/packages/7565?format=json","purl":"pkg:pypi/ansible@2.7.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-a49n-tvnt-p3df"},{"vulnerability":"VCID-ae1r-yq1g-rkem"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-b8zs-br97-57av"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-ckt2-us5z-pyef"},{"vulnerability":"VCID-d4ka-dk4p-kfhb"},{"vulnerability":"VCID-d7ez-s7qb-p3ay"},{"vulnerability":"VCID-dagf-buer-4ffr"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-ezaq-tqd3-4yd1"},{"vulnerability":"VCID-ezux-6buh-h7h7"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-h1n3-cmte-eugf"},{"vulnerability":"VCID-hqar-fca3-cbht"},{"vulnerability":"VCID-jnmu-c8dt-5yb6"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-kb5h-116p-33b4"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-r6bb-p28b-8fcn"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-swpr-3qae-d7fe"},{"vulnerability":"VCID-tdp4-h4ht-pqhs"},{"vulnerability":"VCID-uhg5-zpzt-e3gz"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-x94k-nxyd-27gs"},{"vulnerability":"VCID-xg2f-12w4-yqge"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-ykxk-6mpc-wkgt"},{"vulnerability":"VCID-yur3-am6j-w7ay"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.7.12"},{"url":"http://public2.vulnerablecode.io/api/packages/8971?format=json","purl":"pkg:pypi/ansible@2.8.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-7uu9-tj6b-quf6"},{"vulnerability":"VCID-a49n-tvnt-p3df"},{"vulnerability":"VCID-ae1r-yq1g-rkem"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-b8zs-br97-57av"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-ckt2-us5z-pyef"},{"vulnerability":"VCID-d4ka-dk4p-kfhb"},{"vulnerability":"VCID-d7ez-s7qb-p3ay"},{"vulnerability":"VCID-dagf-buer-4ffr"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-ezaq-tqd3-4yd1"},{"vulnerability":"VCID-ezux-6buh-h7h7"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-h1n3-cmte-eugf"},{"vulnerability":"VCID-hqar-fca3-cbht"},{"vulnerability":"VCID-jnmu-c8dt-5yb6"},{"vulnerability":"VCID-jrxz-b168-7ug4"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-kb5h-116p-33b4"},{"vulnerability":"VCID-nukv-kkws-xkb1"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-swpr-3qae-d7fe"},{"vulnerability":"VCID-tdp4-h4ht-pqhs"},{"vulnerability":"VCID-uhg5-zpzt-e3gz"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-x94k-nxyd-27gs"},{"vulnerability":"VCID-xg2f-12w4-yqge"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-ykxk-6mpc-wkgt"},{"vulnerability":"VCID-yur3-am6j-w7ay"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.2"}],"aliases":["CVE-2019-10156","GHSA-grgm-pph5-j5h7","PYSEC-2019-2"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x5e2-7whc-v3fc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6461?format=json","vulnerability_id":"VCID-x94k-nxyd-27gs","summary":"A flaw was found in the use of insufficiently random values in Ansible. Two random password lookups of the same length generate the equal value as the template caching action for the same file since no re-evaluation happens. The highest threat from this vulnerability would be that all passwords are exposed at once for the file. This flaw affects Ansible Engine versions before 2.9.6.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10729.json","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10729.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-10729","reference_id":"","reference_type":"","scores":[{"value":"0.00079","scoring_system":"epss","scoring_elements":"0.23336","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00079","scoring_system":"epss","scoring_elements":"0.2329","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00079","scoring_system":"epss","scoring_elements":"0.2339","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00079","scoring_system":"epss","scoring_elements":"0.23427","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00079","scoring_system":"epss","scoring_elements":"0.23408","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00079","scoring_system":"epss","scoring_elements":"0.23358","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00079","scoring_system":"epss","scoring_elements":"0.23285","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00079","scoring_system":"epss","scoring_elements":"0.23464","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00079","scoring_system":"epss","scoring_elements":"0.23501","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-10729"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1831089","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1831089"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10156","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10156"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10206","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10206"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14846","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14846"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14864","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14864"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14904","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14904"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10684","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10684"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10685","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10685"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10729","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10729"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14330","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14330"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14332","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14332"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14365","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14365"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1733","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1733"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1735","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1735"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1739","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1739"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1740","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1740"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1746","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1746"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1753","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1753"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20228","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20228"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/advisories/GHSA-r6h7-5pq2-j77h","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-r6h7-5pq2-j77h"},{"reference_url":"https://github.com/ansible/ansible","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible"},{"reference_url":"https://github.com/ansible/ansible/blob/v2.9.6/changelogs/CHANGELOG-v2.9.rst","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/blob/v2.9.6/changelogs/CHANGELOG-v2.9.rst"},{"reference_url":"https://github.com/ansible/ansible/commit/c520d70bf4748c8ee6718a7d0d0254051ba1c2e9","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/commit/c520d70bf4748c8ee6718a7d0d0254051ba1c2e9"},{"reference_url":"https://github.com/ansible/ansible/issues/34144","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/issues/34144"},{"reference_url":"https://github.com/ansible/ansible/pull/67429","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/pull/67429"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2021-105.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2021-105.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-10729","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-10729"},{"reference_url":"https://www.debian.org/security/2021/dsa-4950","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.debian.org/security/2021/dsa-4950"},{"reference_url":"https://usn.ubuntu.com/7330-1/","reference_id":"USN-7330-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7330-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/10051?format=json","purl":"pkg:pypi/ansible@2.9.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3jej-4jyp-cqbt"},{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-b8zs-br97-57av"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-d7ez-s7qb-p3ay"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-ezaq-tqd3-4yd1"},{"vulnerability":"VCID-ezux-6buh-h7h7"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-h1n3-cmte-eugf"},{"vulnerability":"VCID-hqar-fca3-cbht"},{"vulnerability":"VCID-jrxz-b168-7ug4"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-xg2f-12w4-yqge"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-yur3-am6j-w7ay"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.6"}],"aliases":["CVE-2020-10729","GHSA-r6h7-5pq2-j77h","PYSEC-2021-105"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x94k-nxyd-27gs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6459?format=json","vulnerability_id":"VCID-xw8r-fn6y-mbhp","summary":"A flaw was found in ansible. Credentials, such as secrets, are being disclosed in console log by default and not protected by no_log feature when using those modules. An attacker can take advantage of this information to steal those credentials. The highest threat from this vulnerability is to data confidentiality. Versions before ansible 2.9.18 are affected.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20191.json","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20191.json"},{"reference_url":"https://access.redhat.com/security/cve/cve-2021-20191","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/security/cve/cve-2021-20191"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-20191","reference_id":"","reference_type":"","scores":[{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11217","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11266","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.1121","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11131","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11315","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11255","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11108","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11243","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11277","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-20191"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1916813","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1916813"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20191","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20191"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/advisories/GHSA-8f4m-hccc-8qph","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-8f4m-hccc-8qph"},{"reference_url":"https://github.com/ansible/ansible","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible"},{"reference_url":"https://github.com/ansible/ansible/commit/cc82d986c40328d4ae81298a9d287c95a6326bb0","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/commit/cc82d986c40328d4ae81298a9d287c95a6326bb0"},{"reference_url":"https://github.com/ansible/ansible/commit/d74a1b1d1325af2a24848044cf2858987f5a3ecc","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/commit/d74a1b1d1325af2a24848044cf2858987f5a3ecc"},{"reference_url":"https://github.com/ansible/ansible/pull/73488","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/pull/73488"},{"reference_url":"https://github.com/ansible/ansible/pull/73489","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/pull/73489"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2021-124.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2021-124.yaml"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/12/msg00018.html","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2023/12/msg00018.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-20191","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-20191"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985753","reference_id":"985753","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985753"},{"reference_url":"https://security.archlinux.org/ASA-202102-9","reference_id":"ASA-202102-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202102-9"},{"reference_url":"https://security.archlinux.org/AVG-1437","reference_id":"AVG-1437","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1437"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0663","reference_id":"RHSA-2021:0663","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0663"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0664","reference_id":"RHSA-2021:0664","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0664"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1079","reference_id":"RHSA-2021:1079","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1079"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2180","reference_id":"RHSA-2021:2180","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2180"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/13290?format=json","purl":"pkg:pypi/ansible@2.8.19rc1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-x94k-nxyd-27gs"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.19rc1"},{"url":"http://public2.vulnerablecode.io/api/packages/13291?format=json","purl":"pkg:pypi/ansible@2.8.19","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-x94k-nxyd-27gs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.19"},{"url":"http://public2.vulnerablecode.io/api/packages/13309?format=json","purl":"pkg:pypi/ansible@2.9.18rc1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.18rc1"},{"url":"http://public2.vulnerablecode.io/api/packages/13310?format=json","purl":"pkg:pypi/ansible@2.9.18","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.18"},{"url":"http://public2.vulnerablecode.io/api/packages/17135?format=json","purl":"pkg:pypi/ansible@2.10.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.10.7"}],"aliases":["CVE-2021-20191","GHSA-8f4m-hccc-8qph","PYSEC-2021-124"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xw8r-fn6y-mbhp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5753?format=json","vulnerability_id":"VCID-y91x-2rch-pkar","summary":"A flaw was found in ansible. ansible.cfg is read from the current working directory which can be altered to make it point to a plugin or a module path under the control of an attacker, thus allowing the attacker to execute arbitrary code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00021.html","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00021.html"},{"reference_url":"https://access.redhat.com/errata/RHBA-2018:3788","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHBA-2018:3788"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2150","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2018:2150"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2151","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2018:2151"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2152","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2018:2152"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2166","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2018:2166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2321","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2018:2321"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2585","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2018:2585"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0054","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:0054"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10875.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10875.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-10875","reference_id":"","reference_type":"","scores":[{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13325","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13206","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13233","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13255","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13293","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13334","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13397","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13194","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13274","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-10875"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10875","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10875"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10855","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10855"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10875","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10875"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16837","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16837"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16876","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16876"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3828","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3828"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/ansible/ansible","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible"},{"reference_url":"https://github.com/ansible/ansible/commit/4cecbe81adbc655d7ab734165d3ac539f8ba5981","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/commit/4cecbe81adbc655d7ab734165d3ac539f8ba5981"},{"reference_url":"https://github.com/ansible/ansible/commit/f32c42c37aaf7b9db93ea3151b2f42a0c4bd8172","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/commit/f32c42c37aaf7b9db93ea3151b2f42a0c4bd8172"},{"reference_url":"https://github.com/ansible/ansible/commit/ff980afefdbe4ceb828bdb1bb2eef03cf616bf63","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/commit/ff980afefdbe4ceb828bdb1bb2eef03cf616bf63"},{"reference_url":"https://github.com/ansible/ansible/issues/42388","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/issues/42388"},{"reference_url":"https://github.com/ansible/ansible/pull/42070","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/pull/42070"},{"reference_url":"https://github.com/ansible/ansible/pull/43583","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/pull/43583"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2018-43.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2018-43.yaml"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/09/msg00016.html","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2019/09/msg00016.html"},{"reference_url":"https://usn.ubuntu.com/4072-1","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://usn.ubuntu.com/4072-1"},{"reference_url":"https://usn.ubuntu.com/4072-1/","reference_id":"","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4072-1/"},{"reference_url":"https://web.archive.org/web/20201130165946/http://www.securitytracker.com/id/1041396","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20201130165946/http://www.securitytracker.com/id/1041396"},{"reference_url":"https://www.debian.org/security/2019/dsa-4396","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.debian.org/security/2019/dsa-4396"},{"reference_url":"http://www.securitytracker.com/id/1041396","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1041396"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1596533","reference_id":"1596533","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1596533"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_engine:2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:ansible_engine:2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_engine:2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_engine:2.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:ansible_engine:2.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_engine:2.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_engine:2.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:ansible_engine:2.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_engine:2.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_engine:2.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:ansible_engine:2.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_engine:2.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ceph_storage:2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:ceph_storage:2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ceph_storage:2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ceph_storage:3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:ceph_storage:3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ceph_storage:3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:gluster_storage:3.0.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:gluster_storage:3.0.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:gluster_storage:3.0.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:3.0:*:*:*:enterprise:*:*:*","reference_id":"cpe:2.3:a:redhat:openshift:3.0:*:*:*:enterprise:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:3.0:*:*:*:enterprise:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:openstack:10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:openstack:12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:suse:package_hub:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:suse:package_hub:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:suse:package_hub:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:suse_linux_enterprise_server:12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:suse:suse_linux_enterprise_server:12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:suse_linux_enterprise_server:12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-10875","reference_id":"CVE-2018-10875","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:N/C:P/I:P/A:P"},{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-10875"},{"reference_url":"https://github.com/advisories/GHSA-fc4h-467w-46rh","reference_id":"GHSA-fc4h-467w-46rh","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-fc4h-467w-46rh"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/6632?format=json","purl":"pkg:pypi/ansible@2.4.6.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-ae1r-yq1g-rkem"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-b8zs-br97-57av"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-d4ka-dk4p-kfhb"},{"vulnerability":"VCID-d7ez-s7qb-p3ay"},{"vulnerability":"VCID-drt9-vx5r-akgm"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-ezaq-tqd3-4yd1"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-hqar-fca3-cbht"},{"vulnerability":"VCID-jnmu-c8dt-5yb6"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-kb5h-116p-33b4"},{"vulnerability":"VCID-puq1-z5h7-pkdg"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-r6bb-p28b-8fcn"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-rknj-nkgs-wyg2"},{"vulnerability":"VCID-t6db-buke-nfhf"},{"vulnerability":"VCID-tdp4-h4ht-pqhs"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-x5e2-7whc-v3fc"},{"vulnerability":"VCID-x94k-nxyd-27gs"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-y91x-2rch-pkar"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-ykxk-6mpc-wkgt"},{"vulnerability":"VCID-yur3-am6j-w7ay"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.4.6.0"},{"url":"http://public2.vulnerablecode.io/api/packages/6633?format=json","purl":"pkg:pypi/ansible@2.5.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-ae1r-yq1g-rkem"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-b1pw-nusu-27c4"},{"vulnerability":"VCID-b8zs-br97-57av"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-d4ka-dk4p-kfhb"},{"vulnerability":"VCID-d7ez-s7qb-p3ay"},{"vulnerability":"VCID-drt9-vx5r-akgm"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-ezaq-tqd3-4yd1"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-hqar-fca3-cbht"},{"vulnerability":"VCID-jnmu-c8dt-5yb6"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-kb5h-116p-33b4"},{"vulnerability":"VCID-puq1-z5h7-pkdg"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-r6bb-p28b-8fcn"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-rknj-nkgs-wyg2"},{"vulnerability":"VCID-t6db-buke-nfhf"},{"vulnerability":"VCID-tdp4-h4ht-pqhs"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-x5e2-7whc-v3fc"},{"vulnerability":"VCID-x94k-nxyd-27gs"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-y91x-2rch-pkar"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-ykxk-6mpc-wkgt"},{"vulnerability":"VCID-yur3-am6j-w7ay"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.5.6"},{"url":"http://public2.vulnerablecode.io/api/packages/6634?format=json","purl":"pkg:pypi/ansible@2.6.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-ae1r-yq1g-rkem"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-b1pw-nusu-27c4"},{"vulnerability":"VCID-b8zs-br97-57av"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-ckt2-us5z-pyef"},{"vulnerability":"VCID-d4ka-dk4p-kfhb"},{"vulnerability":"VCID-d7ez-s7qb-p3ay"},{"vulnerability":"VCID-drt9-vx5r-akgm"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-ezaq-tqd3-4yd1"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-hqar-fca3-cbht"},{"vulnerability":"VCID-jnmu-c8dt-5yb6"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-kb5h-116p-33b4"},{"vulnerability":"VCID-puq1-z5h7-pkdg"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-r6bb-p28b-8fcn"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-rknj-nkgs-wyg2"},{"vulnerability":"VCID-swpr-3qae-d7fe"},{"vulnerability":"VCID-t6db-buke-nfhf"},{"vulnerability":"VCID-tdp4-h4ht-pqhs"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-x5e2-7whc-v3fc"},{"vulnerability":"VCID-x94k-nxyd-27gs"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-ykxk-6mpc-wkgt"},{"vulnerability":"VCID-yur3-am6j-w7ay"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.6.1"}],"aliases":["CVE-2018-10875","GHSA-fc4h-467w-46rh","PYSEC-2018-43"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y91x-2rch-pkar"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6140?format=json","vulnerability_id":"VCID-yeea-n94x-qqch","summary":"A flaw was found in the Ansible Engine when using module_args. Tasks executed with check mode (--check-mode) do not properly neutralize sensitive data exposed in the event data. This flaw allows unauthorized users to read this data. The highest threat from this vulnerability is to confidentiality.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14332.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14332.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-14332","reference_id":"","reference_type":"","scores":[{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.35362","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.35384","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.3542","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.35419","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.35394","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.35348","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.35465","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.3544","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.35239","published_at":"2026-04-01T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-14332"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14332","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14332"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10156","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10156"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10206","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10206"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14846","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14846"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14864","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14864"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14904","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14904"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10684","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10684"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10685","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10685"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10729","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10729"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14330","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14330"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14332","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14332"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14365","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14365"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1733","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1733"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1735","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1735"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1739","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1739"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1740","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1740"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1746","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1746"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1753","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1753"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20228","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20228"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/advisories/GHSA-j667-c2hm-f2wp","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"6.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-j667-c2hm-f2wp"},{"reference_url":"https://github.com/ansible/ansible","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible"},{"reference_url":"https://github.com/ansible/ansible/blob/stable-2.10/changelogs/CHANGELOG-v2.10.rst#security-fixes-3","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/blob/stable-2.10/changelogs/CHANGELOG-v2.10.rst#security-fixes-3"},{"reference_url":"https://github.com/ansible/ansible/blob/stable-2.8/changelogs/CHANGELOG-v2.8.rst#security-fixes-4","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/blob/stable-2.8/changelogs/CHANGELOG-v2.8.rst#security-fixes-4"},{"reference_url":"https://github.com/ansible/ansible/blob/stable-2.9/changelogs/CHANGELOG-v2.9.rst#security-fixes-6","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/blob/stable-2.9/changelogs/CHANGELOG-v2.9.rst#security-fixes-6"},{"reference_url":"https://github.com/ansible/ansible/commit/291f94934c8c49eef85e6539087f2dfcd001fe4f","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/commit/291f94934c8c49eef85e6539087f2dfcd001fe4f"},{"reference_url":"https://github.com/ansible/ansible/commit/6cae9a4b168df776bf82deb04b2c62e00c38b49a","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/commit/6cae9a4b168df776bf82deb04b2c62e00c38b49a"},{"reference_url":"https://github.com/ansible/ansible/commit/714cd2ad2eff7f003d728414afcb91591fad5d9a","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/commit/714cd2ad2eff7f003d728414afcb91591fad5d9a"},{"reference_url":"https://github.com/ansible/ansible/pull/71033","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/pull/71033"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2020-4.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2020-4.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-14332","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-14332"},{"reference_url":"https://www.debian.org/security/2021/dsa-4950","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.debian.org/security/2021/dsa-4950"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1857805","reference_id":"1857805","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1857805"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=966672","reference_id":"966672","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=966672"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3600","reference_id":"RHSA-2020:3600","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3600"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/13281?format=json","purl":"pkg:pypi/ansible@2.8.14","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-jrxz-b168-7ug4"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-x94k-nxyd-27gs"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.14"},{"url":"http://public2.vulnerablecode.io/api/packages/13282?format=json","purl":"pkg:pypi/ansible@2.9.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-jrxz-b168-7ug4"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.12"},{"url":"http://public2.vulnerablecode.io/api/packages/80725?format=json","purl":"pkg:pypi/ansible@2.10.1rc2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.10.1rc2"},{"url":"http://public2.vulnerablecode.io/api/packages/13575?format=json","purl":"pkg:pypi/ansible@2.10.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2jy6-eqpn-wbce"},{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.10.1"}],"aliases":["CVE-2020-14332","GHSA-j667-c2hm-f2wp","PYSEC-2020-4"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yeea-n94x-qqch"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/90157?format=json","vulnerability_id":"VCID-ykxk-6mpc-wkgt","summary":"In Ansible, all Ansible Engine versions up to ansible-engine 2.8.5, ansible-engine 2.7.13, ansible-engine 2.6.19, were logging at the DEBUG level which lead to a disclosure of credentials if a plugin used a library that logged credentials at the DEBUG level. This flaw does not affect Ansible modules, as those are executed in a separate process.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00021.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00021.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00026.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00026.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3201","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3201"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3202","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3202"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3203","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3203"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3207","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3207"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0756","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:0756"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14846","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14846"},{"reference_url":"https://github.com/ansible/ansible/pull/63366","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/ansible/ansible/pull/63366"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/05/msg00005.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2020/05/msg00005.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2021/01/msg00023.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2021/01/msg00023.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/9396?format=json","purl":"pkg:pypi/ansible@2.6.20","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-ae1r-yq1g-rkem"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-b8zs-br97-57av"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-d4ka-dk4p-kfhb"},{"vulnerability":"VCID-d7ez-s7qb-p3ay"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-ezaq-tqd3-4yd1"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-hqar-fca3-cbht"},{"vulnerability":"VCID-jnmu-c8dt-5yb6"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-tdp4-h4ht-pqhs"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-x94k-nxyd-27gs"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-yur3-am6j-w7ay"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.6.20"},{"url":"http://public2.vulnerablecode.io/api/packages/7567?format=json","purl":"pkg:pypi/ansible@2.7.14","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-a49n-tvnt-p3df"},{"vulnerability":"VCID-ae1r-yq1g-rkem"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-b8zs-br97-57av"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-d4ka-dk4p-kfhb"},{"vulnerability":"VCID-d7ez-s7qb-p3ay"},{"vulnerability":"VCID-dagf-buer-4ffr"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-ezaq-tqd3-4yd1"},{"vulnerability":"VCID-ezux-6buh-h7h7"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-h1n3-cmte-eugf"},{"vulnerability":"VCID-hqar-fca3-cbht"},{"vulnerability":"VCID-jnmu-c8dt-5yb6"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-r6bb-p28b-8fcn"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-tdp4-h4ht-pqhs"},{"vulnerability":"VCID-uhg5-zpzt-e3gz"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-x94k-nxyd-27gs"},{"vulnerability":"VCID-xg2f-12w4-yqge"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-yur3-am6j-w7ay"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.7.14"},{"url":"http://public2.vulnerablecode.io/api/packages/9397?format=json","purl":"pkg:pypi/ansible@2.8.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-a49n-tvnt-p3df"},{"vulnerability":"VCID-ae1r-yq1g-rkem"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-b8zs-br97-57av"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-d4ka-dk4p-kfhb"},{"vulnerability":"VCID-d7ez-s7qb-p3ay"},{"vulnerability":"VCID-dagf-buer-4ffr"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-ezaq-tqd3-4yd1"},{"vulnerability":"VCID-ezux-6buh-h7h7"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-h1n3-cmte-eugf"},{"vulnerability":"VCID-hqar-fca3-cbht"},{"vulnerability":"VCID-jrxz-b168-7ug4"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-tdp4-h4ht-pqhs"},{"vulnerability":"VCID-uhg5-zpzt-e3gz"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-x94k-nxyd-27gs"},{"vulnerability":"VCID-xg2f-12w4-yqge"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-yur3-am6j-w7ay"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.6"}],"aliases":["PYSEC-2019-74"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ykxk-6mpc-wkgt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6054?format=json","vulnerability_id":"VCID-yur3-am6j-w7ay","summary":"A flaw was found in Ansible Engine when using Ansible Vault for editing encrypted files. When a user executes \"ansible-vault edit\", another user on the same computer can read the old and new secret, as it is created in a temporary file with mkstemp and the returned file descriptor is closed and the method write_data is called to write the existing secret in the file. This method will delete the file before recreating it insecurely. All versions in 2.7.x, 2.8.x and 2.9.x branches are believed to be vulnerable.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1740.json","reference_id":"","reference_type":"","scores":[{"value":"3.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1740.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1740","reference_id":"","reference_type":"","scores":[{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08182","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.082","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08221","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08229","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08212","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08059","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08196","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08149","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08143","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1740"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1740","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"5.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1740"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10156","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10156"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10206","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10206"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14846","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14846"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14864","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14864"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14904","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14904"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10684","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10684"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10685","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10685"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10729","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10729"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14330","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14330"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14332","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14332"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14365","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14365"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1733","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1733"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1735","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1735"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1739","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1739"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1740","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1740"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1746","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1746"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1753","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1753"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20228","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20228"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/advisories/GHSA-vcg8-98q8-g7mj","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"5.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-vcg8-98q8-g7mj"},{"reference_url":"https://github.com/ansible/ansible","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"5.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible"},{"reference_url":"https://github.com/ansible/ansible/commit/28f9fbdb5e281976e33f443193047068afb97a9b","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"5.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/commit/28f9fbdb5e281976e33f443193047068afb97a9b"},{"reference_url":"https://github.com/ansible/ansible/commit/2a563514f070a0a8ba64aebf6bce21194be96c73","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"5.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/commit/2a563514f070a0a8ba64aebf6bce21194be96c73"},{"reference_url":"https://github.com/ansible/ansible/commit/685a4b6d3ff72186d2b4ffce73172a5446a71ccc","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"5.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/commit/685a4b6d3ff72186d2b4ffce73172a5446a71ccc"},{"reference_url":"https://github.com/ansible/ansible/commit/ef32a5bf96a89107986375516285253c1380d7ef","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"5.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/commit/ef32a5bf96a89107986375516285253c1380d7ef"},{"reference_url":"https://github.com/ansible/ansible/issues/67798","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"5.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/issues/67798"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2020-12.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"5.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2020-12.yaml"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/05/msg00005.html","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"5.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2020/05/msg00005.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DKPA4KC3OJSUFASUYMG66HKJE7ADNGFW/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DKPA4KC3OJSUFASUYMG66HKJE7ADNGFW/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRRYUU5ZBLPBXCYG6CFP35D64NP2UB2S/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRRYUU5ZBLPBXCYG6CFP35D64NP2UB2S/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WQVOQD4VAIXXTVQAJKTN7NUGTJFE2PCB/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WQVOQD4VAIXXTVQAJKTN7NUGTJFE2PCB/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DKPA4KC3OJSUFASUYMG66HKJE7ADNGFW","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"5.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DKPA4KC3OJSUFASUYMG66HKJE7ADNGFW"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DKPA4KC3OJSUFASUYMG66HKJE7ADNGFW/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DKPA4KC3OJSUFASUYMG66HKJE7ADNGFW/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRRYUU5ZBLPBXCYG6CFP35D64NP2UB2S","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"5.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRRYUU5ZBLPBXCYG6CFP35D64NP2UB2S"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRRYUU5ZBLPBXCYG6CFP35D64NP2UB2S/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRRYUU5ZBLPBXCYG6CFP35D64NP2UB2S/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WQVOQD4VAIXXTVQAJKTN7NUGTJFE2PCB","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"5.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WQVOQD4VAIXXTVQAJKTN7NUGTJFE2PCB"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WQVOQD4VAIXXTVQAJKTN7NUGTJFE2PCB/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WQVOQD4VAIXXTVQAJKTN7NUGTJFE2PCB/"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-1740","reference_id":"","reference_type":"","scores":[{"value":"1.9","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:N/C:P/I:N/A:N"},{"value":"3.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"5.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-1740"},{"reference_url":"https://security.gentoo.org/glsa/202006-11","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"5.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.gentoo.org/glsa/202006-11"},{"reference_url":"https://www.debian.org/security/2021/dsa-4950","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2021/dsa-4950"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1802193","reference_id":"1802193","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1802193"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:ansible:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_tower:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:ansible_tower:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_tower:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:cloudforms_management_engine:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:cloudforms_management_engine:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:cloudforms_management_engine:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1541","reference_id":"RHSA-2020:1541","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1541"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1542","reference_id":"RHSA-2020:1542","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1542"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1543","reference_id":"RHSA-2020:1543","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1543"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1544","reference_id":"RHSA-2020:1544","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1544"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/7570?format=json","purl":"pkg:pypi/ansible@2.7.17","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-ezaq-tqd3-4yd1"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-jnmu-c8dt-5yb6"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-r6bb-p28b-8fcn"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-x94k-nxyd-27gs"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.7.17"},{"url":"http://public2.vulnerablecode.io/api/packages/7572?format=json","purl":"pkg:pypi/ansible@2.8.0a1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-a49n-tvnt-p3df"},{"vulnerability":"VCID-ae1r-yq1g-rkem"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-b8zs-br97-57av"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-d4ka-dk4p-kfhb"},{"vulnerability":"VCID-d7ez-s7qb-p3ay"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-ezaq-tqd3-4yd1"},{"vulnerability":"VCID-ezux-6buh-h7h7"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-h1n3-cmte-eugf"},{"vulnerability":"VCID-hqar-fca3-cbht"},{"vulnerability":"VCID-jnmu-c8dt-5yb6"},{"vulnerability":"VCID-jrxz-b168-7ug4"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-kb5h-116p-33b4"},{"vulnerability":"VCID-nukv-kkws-xkb1"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-r6bb-p28b-8fcn"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-uhg5-zpzt-e3gz"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-x5e2-7whc-v3fc"},{"vulnerability":"VCID-x94k-nxyd-27gs"},{"vulnerability":"VCID-xg2f-12w4-yqge"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-yur3-am6j-w7ay"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.0a1"},{"url":"http://public2.vulnerablecode.io/api/packages/10050?format=json","purl":"pkg:pypi/ansible@2.8.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-b8zs-br97-57av"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-d7ez-s7qb-p3ay"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-ezaq-tqd3-4yd1"},{"vulnerability":"VCID-ezux-6buh-h7h7"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-h1n3-cmte-eugf"},{"vulnerability":"VCID-hqar-fca3-cbht"},{"vulnerability":"VCID-jrxz-b168-7ug4"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-x94k-nxyd-27gs"},{"vulnerability":"VCID-xg2f-12w4-yqge"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-yur3-am6j-w7ay"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.9"},{"url":"http://public2.vulnerablecode.io/api/packages/10145?format=json","purl":"pkg:pypi/ansible@2.8.11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-ezaq-tqd3-4yd1"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-jrxz-b168-7ug4"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-x94k-nxyd-27gs"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.11"},{"url":"http://public2.vulnerablecode.io/api/packages/10051?format=json","purl":"pkg:pypi/ansible@2.9.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3jej-4jyp-cqbt"},{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-b8zs-br97-57av"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-d7ez-s7qb-p3ay"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-ezaq-tqd3-4yd1"},{"vulnerability":"VCID-ezux-6buh-h7h7"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-h1n3-cmte-eugf"},{"vulnerability":"VCID-hqar-fca3-cbht"},{"vulnerability":"VCID-jrxz-b168-7ug4"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-xg2f-12w4-yqge"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-yur3-am6j-w7ay"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.6"},{"url":"http://public2.vulnerablecode.io/api/packages/10146?format=json","purl":"pkg:pypi/ansible@2.9.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-jrxz-b168-7ug4"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.7"}],"aliases":["CVE-2020-1740","GHSA-vcg8-98q8-g7mj","PYSEC-2020-12"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yur3-am6j-w7ay"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6057?format=json","vulnerability_id":"VCID-zzzs-scbg-bbe9","summary":"A flaw was found in the Ansible Engine when the fetch module is used. An attacker could intercept the module, inject a new path, and then choose a new destination path on the controller node. All versions in 2.7.x, 2.8.x and 2.9.x branches are believed to be vulnerable.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1735.json","reference_id":"","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1735.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1735","reference_id":"","reference_type":"","scores":[{"value":"0.00155","scoring_system":"epss","scoring_elements":"0.36287","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00155","scoring_system":"epss","scoring_elements":"0.36308","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00155","scoring_system":"epss","scoring_elements":"0.36344","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00155","scoring_system":"epss","scoring_elements":"0.36338","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00155","scoring_system":"epss","scoring_elements":"0.36206","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00155","scoring_system":"epss","scoring_elements":"0.36268","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00155","scoring_system":"epss","scoring_elements":"0.36433","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00155","scoring_system":"epss","scoring_elements":"0.364","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00155","scoring_system":"epss","scoring_elements":"0.36316","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1735"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1735","reference_id":"","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N"},{"value":"4.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1735"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10156","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10156"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10206","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10206"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14846","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14846"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14864","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14864"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14904","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14904"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10684","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10684"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10685","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10685"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10729","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10729"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14330","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14330"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14332","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14332"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14365","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14365"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1733","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1733"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1735","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1735"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1739","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1739"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1740","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1740"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1746","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1746"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1753","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1753"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20228","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20228"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/advisories/GHSA-gfr2-qpxh-qj9m","reference_id":"","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"4.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-gfr2-qpxh-qj9m"},{"reference_url":"https://github.com/ansible/ansible","reference_id":"","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N"},{"value":"4.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible"},{"reference_url":"https://github.com/ansible/ansible/blob/stable-2.9/changelogs/CHANGELOG-v2.9.rst#security-fixes-7","reference_id":"","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N"},{"value":"4.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/blob/stable-2.9/changelogs/CHANGELOG-v2.9.rst#security-fixes-7"},{"reference_url":"https://github.com/ansible/ansible/commit/18f91bbb88a84b1d3614ef41c3550da735592ac1","reference_id":"","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N"},{"value":"4.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/commit/18f91bbb88a84b1d3614ef41c3550da735592ac1"},{"reference_url":"https://github.com/ansible/ansible/commit/40969ff43812fabf5397f818d9e521f9b39c9c9a","reference_id":"","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N"},{"value":"4.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/commit/40969ff43812fabf5397f818d9e521f9b39c9c9a"},{"reference_url":"https://github.com/ansible/ansible/commit/de9a4f5474c5f5db442ae7493d6b5da7177e335d","reference_id":"","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N"},{"value":"4.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/commit/de9a4f5474c5f5db442ae7493d6b5da7177e335d"},{"reference_url":"https://github.com/ansible/ansible/issues/67793","reference_id":"","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N"},{"value":"4.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/issues/67793"},{"reference_url":"https://github.com/ansible/ansible/pull/69023","reference_id":"","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N"},{"value":"4.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/pull/69023"},{"reference_url":"https://github.com/ansible/ansible/pull/69024","reference_id":"","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N"},{"value":"4.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/pull/69024"},{"reference_url":"https://github.com/ansible/ansible/pull/69025","reference_id":"","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N"},{"value":"4.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ansible/ansible/pull/69025"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2020-7.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N"},{"value":"4.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2020-7.yaml"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DKPA4KC3OJSUFASUYMG66HKJE7ADNGFW/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DKPA4KC3OJSUFASUYMG66HKJE7ADNGFW/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRRYUU5ZBLPBXCYG6CFP35D64NP2UB2S/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRRYUU5ZBLPBXCYG6CFP35D64NP2UB2S/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WQVOQD4VAIXXTVQAJKTN7NUGTJFE2PCB/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WQVOQD4VAIXXTVQAJKTN7NUGTJFE2PCB/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DKPA4KC3OJSUFASUYMG66HKJE7ADNGFW","reference_id":"","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N"},{"value":"4.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DKPA4KC3OJSUFASUYMG66HKJE7ADNGFW"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DKPA4KC3OJSUFASUYMG66HKJE7ADNGFW/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DKPA4KC3OJSUFASUYMG66HKJE7ADNGFW/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRRYUU5ZBLPBXCYG6CFP35D64NP2UB2S","reference_id":"","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N"},{"value":"4.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRRYUU5ZBLPBXCYG6CFP35D64NP2UB2S"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRRYUU5ZBLPBXCYG6CFP35D64NP2UB2S/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRRYUU5ZBLPBXCYG6CFP35D64NP2UB2S/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WQVOQD4VAIXXTVQAJKTN7NUGTJFE2PCB","reference_id":"","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N"},{"value":"4.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WQVOQD4VAIXXTVQAJKTN7NUGTJFE2PCB"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WQVOQD4VAIXXTVQAJKTN7NUGTJFE2PCB/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WQVOQD4VAIXXTVQAJKTN7NUGTJFE2PCB/"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-1735","reference_id":"","reference_type":"","scores":[{"value":"3.6","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:N/C:P/I:P/A:N"},{"value":"4.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"4.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N"},{"value":"4.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-1735"},{"reference_url":"https://security.gentoo.org/glsa/202006-11","reference_id":"","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N"},{"value":"4.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.gentoo.org/glsa/202006-11"},{"reference_url":"https://www.debian.org/security/2021/dsa-4950","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2021/dsa-4950"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1802085","reference_id":"1802085","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1802085"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:ansible:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_tower:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:ansible_tower:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_tower:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:cloudforms_management_engine:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:cloudforms_management_engine:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:cloudforms_management_engine:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1541","reference_id":"RHSA-2020:1541","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1541"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1542","reference_id":"RHSA-2020:1542","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1542"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1543","reference_id":"RHSA-2020:1543","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1543"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1544","reference_id":"RHSA-2020:1544","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1544"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/7570?format=json","purl":"pkg:pypi/ansible@2.7.17","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-ezaq-tqd3-4yd1"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-jnmu-c8dt-5yb6"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-r6bb-p28b-8fcn"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-x94k-nxyd-27gs"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.7.17"},{"url":"http://public2.vulnerablecode.io/api/packages/7571?format=json","purl":"pkg:pypi/ansible@2.7.18","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-jnmu-c8dt-5yb6"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-r6bb-p28b-8fcn"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-x94k-nxyd-27gs"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.7.18"},{"url":"http://public2.vulnerablecode.io/api/packages/7572?format=json","purl":"pkg:pypi/ansible@2.8.0a1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-a49n-tvnt-p3df"},{"vulnerability":"VCID-ae1r-yq1g-rkem"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-b8zs-br97-57av"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-d4ka-dk4p-kfhb"},{"vulnerability":"VCID-d7ez-s7qb-p3ay"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-ezaq-tqd3-4yd1"},{"vulnerability":"VCID-ezux-6buh-h7h7"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-h1n3-cmte-eugf"},{"vulnerability":"VCID-hqar-fca3-cbht"},{"vulnerability":"VCID-jnmu-c8dt-5yb6"},{"vulnerability":"VCID-jrxz-b168-7ug4"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-kb5h-116p-33b4"},{"vulnerability":"VCID-nukv-kkws-xkb1"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-r6bb-p28b-8fcn"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-uhg5-zpzt-e3gz"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-x5e2-7whc-v3fc"},{"vulnerability":"VCID-x94k-nxyd-27gs"},{"vulnerability":"VCID-xg2f-12w4-yqge"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-yur3-am6j-w7ay"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.0a1"},{"url":"http://public2.vulnerablecode.io/api/packages/10050?format=json","purl":"pkg:pypi/ansible@2.8.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-b8zs-br97-57av"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-d7ez-s7qb-p3ay"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-ezaq-tqd3-4yd1"},{"vulnerability":"VCID-ezux-6buh-h7h7"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-h1n3-cmte-eugf"},{"vulnerability":"VCID-hqar-fca3-cbht"},{"vulnerability":"VCID-jrxz-b168-7ug4"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-x94k-nxyd-27gs"},{"vulnerability":"VCID-xg2f-12w4-yqge"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-yur3-am6j-w7ay"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.9"},{"url":"http://public2.vulnerablecode.io/api/packages/10621?format=json","purl":"pkg:pypi/ansible@2.8.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-jrxz-b168-7ug4"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-x94k-nxyd-27gs"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.8.12"},{"url":"http://public2.vulnerablecode.io/api/packages/10051?format=json","purl":"pkg:pypi/ansible@2.9.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3jej-4jyp-cqbt"},{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-b8zs-br97-57av"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-d7ez-s7qb-p3ay"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-ezaq-tqd3-4yd1"},{"vulnerability":"VCID-ezux-6buh-h7h7"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-h1n3-cmte-eugf"},{"vulnerability":"VCID-hqar-fca3-cbht"},{"vulnerability":"VCID-jrxz-b168-7ug4"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-xg2f-12w4-yqge"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"},{"vulnerability":"VCID-yur3-am6j-w7ay"},{"vulnerability":"VCID-zzzs-scbg-bbe9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.6"},{"url":"http://public2.vulnerablecode.io/api/packages/10622?format=json","purl":"pkg:pypi/ansible@2.9.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yvf-k192-9fca"},{"vulnerability":"VCID-682j-e2pu-1uee"},{"vulnerability":"VCID-atun-stks-4kcb"},{"vulnerability":"VCID-axc3-wcsk-q3eg"},{"vulnerability":"VCID-c1xg-s3kx-gkft"},{"vulnerability":"VCID-dzdx-wae5-8ydy"},{"vulnerability":"VCID-e3z2-ydhb-gqfg"},{"vulnerability":"VCID-fj2p-7wkh-1fhq"},{"vulnerability":"VCID-geaa-6dxx-tbcw"},{"vulnerability":"VCID-jrxz-b168-7ug4"},{"vulnerability":"VCID-js7k-ptm9-2yh1"},{"vulnerability":"VCID-qbdk-hxhg-wbh4"},{"vulnerability":"VCID-rdwq-93d6-c7b4"},{"vulnerability":"VCID-rg5d-st3d-nbah"},{"vulnerability":"VCID-ujbp-cc1r-wfe9"},{"vulnerability":"VCID-v3h9-1t69-v7a3"},{"vulnerability":"VCID-whyk-3ynn-zyf4"},{"vulnerability":"VCID-xw8r-fn6y-mbhp"},{"vulnerability":"VCID-yeea-n94x-qqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.9.8"}],"aliases":["CVE-2020-1735","GHSA-gfr2-qpxh-qj9m","PYSEC-2020-7"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zzzs-scbg-bbe9"}],"fixing_vulnerabilities":[],"risk_score":"4.0","resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.4.4.0"}