← Back

Ansible Collection

ansible_collection

Vendor: Redhat • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2023-4237
1Redhat
2Ansible Automation Platform
Ansible Collection
Nov 21, 2024
Oct 4, 2023
N/A· v4
7.8 HIGH· v3
N/A· v2
A flaw was found in the Ansible Automation Platform. When creating a new keypair, the ec2_key module prints out the private key directly to the standard output. This flaw allows an attacker to fetch those keys from the l...Show more
A flaw was found in the Ansible Automation Platform. When creating a new keypair, the ec2_key module prints out the private key directly to the standard output. This flaw allows an attacker to fetch those keys from the log files, compromising the system's confidentiality, integrity, and availability.Show less
CVE-2022-3697
1Redhat
2Ansible
Ansible Collection
Nov 21, 2024
Oct 28, 2022
N/A· v4
7.5 HIGH· v3
N/A· v2
A flaw was found in Ansible in the amazon.aws collection when using the tower_callback parameter from the amazon.aws.ec2_instance module. This flaw allows an attacker to take advantage of this issue as the module is hand...Show more
A flaw was found in Ansible in the amazon.aws collection when using the tower_callback parameter from the amazon.aws.ec2_instance module. This flaw allows an attacker to take advantage of this issue as the module is handling the parameter insecurely, leading to the password leaking in the logs.Show less