| Max CVSS | 3.7 | Min CVSS | 1.9 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2020-10684 | 3.6 |
A flaw was found in Ansible Engine, all versions 2.7.x, 2.8.x and 2.9.x prior to 2.7.17, 2.8.9 and 2.9.6 respectively, when using ansible_facts as a subkey of itself and promoting it to a variable when inject is enabled, overwriting the ansible_facts
|
08-11-2022 - 02:39 | 24-03-2020 - 14:15 | |
| CVE-2020-1753 | 2.1 |
A security flaw was found in Ansible Engine, all Ansible 2.7.x versions prior to 2.7.17, all Ansible 2.8.x versions prior to 2.8.11 and all Ansible 2.9.x versions prior to 2.9.7, when managing kubernetes using the k8s module. Sensitive parameters suc
|
29-10-2022 - 02:34 | 16-03-2020 - 15:15 | |
| CVE-2020-1733 | 3.7 |
A race condition flaw was found in Ansible Engine 2.7.17 and prior, 2.8.9 and prior, 2.9.6 and prior when running a playbook with an unprivileged become user. When Ansible needs to run a module with become user, the temporary directory is created in
|
25-04-2022 - 17:37 | 11-03-2020 - 19:15 | |
| CVE-2020-1740 | 1.9 |
A flaw was found in Ansible Engine when using Ansible Vault for editing encrypted files. When a user executes "ansible-vault edit", another user on the same computer can read the old and new secret, as it is created in a temporary file with mkstemp a
|
05-04-2022 - 15:01 | 16-03-2020 - 16:15 | |
| CVE-2020-1735 | 3.6 |
A flaw was found in the Ansible Engine when the fetch module is used. An attacker could intercept the module, inject a new path, and then choose a new destination path on the controller node. All versions in 2.7.x, 2.8.x and 2.9.x branches are believ
|
05-04-2022 - 14:57 | 16-03-2020 - 16:15 |