Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8
CVE-2021-4112
- EPSS 0.05%
- Published 25.08.2022 20:15:09
- Last modified 21.11.2024 06:36:55
A flaw was found in ansible-tower where the default installation is vulnerable to job isolation escape. This flaw allows an attacker to elevate the privilege from a low privileged user to an AWX user from outside the isolated environment.
5.5
CVE-2021-3620
- EPSS 0.2%
- Published 03.03.2022 19:15:08
- Last modified 21.11.2024 06:22:00
A flaw was found in Ansible Engine's ansible-connection module, where sensitive information such as the Ansible user credentials is disclosed by default in the traceback error message. The highest threat from this vulnerability is to confidentiality.
1