Search Results (22 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-5115 2 Debian, Redhat 7 Debian Linux, Ansible Automation Platform, Ansible Automation Platform Developer and 4 more 2025-11-20 6.3 Medium
An absolute path traversal attack exists in the Ansible automation platform. This flaw allows an attacker to craft a malicious Ansible role and make the victim execute the role. A symlink can be used to overwrite a file outside of the extraction path.
CVE-2024-0690 2 Fedoraproject, Redhat 8 Fedora, Ansible, Ansible Automation Platform and 5 more 2025-11-06 5 Medium
An information disclosure flaw was found in ansible-core due to a failure to respect the ANSIBLE_NO_LOG configuration in some scenarios. Information is still included in the output in certain tasks, such as loop items. Depending on the task, this issue may include sensitive information, such as decrypted secret values.