Ansible CVEs and Security Vulnerabilities

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2014-4657	1 Redhat	1 Ansible	2024-11-21	9.8 Critical
The safe_eval function in Ansible before 1.5.4 does not properly restrict the code subset, which allows remote attackers to execute arbitrary code via crafted instructions.
CVE-2014-2686	1 Redhat	1 Ansible	2024-11-21	7.5 High
Ansible prior to 1.5.4 mishandles the evaluation of some strings.
CVE-2013-2233	1 Redhat	1 Ansible	2024-11-21	N/A
Ansible before 1.2.1 makes it easier for remote attackers to conduct man-in-the-middle attacks by leveraging failure to cache SSH host keys.

« first previous Page 17 of 17.