📦 Ansible Automation Platform

This CVE describes a template injection vulnerability in Ansible where unsafe template data can be executed, potentially allowing attackers to run arbitrary code. It affects Ansible users who process ...

CVE-2023-44487 is an HTTP/2 protocol vulnerability that allows attackers to cause denial of service by rapidly resetting streams, consuming server resources. This affects any system using HTTP/2, incl...

This CVE describes an HTML injection vulnerability in a Controller's user interface settings. Attackers can inject malicious HTML to create fake login pages, potentially capturing user credentials. Sy...

This vulnerability in Ansible Automation Platform's ec2_key module exposes private keys in standard output when creating new keypairs. Attackers can extract these keys from log files, potentially comp...

CVE-2021-3583 is a template injection vulnerability in Ansible that allows attackers to execute arbitrary commands through specially crafted facts in multi-line YAML strings. This can lead to sensitiv...

A cross-site scripting (XSS) vulnerability exists in aap-gateway that allows attackers to inject malicious scripts via the '?next=' URL parameter. This can lead to session hijacking, data theft, and u...