Update dependency ansible to v12 [SECURITY]#124

Open

renovate[bot] wants to merge 1 commit intomasterfrom

renovate/pypi-ansible-vulnerability

renovate Bot commented Mar 24, 2023 •

edited

Loading

This PR contains the following updates:

Package	Change	Age	Confidence
ansible (source)	`==5.4.0` → `==12.2.0`

Ansible leaks password to logs

CVE-2022-3697 / GHSA-cpx3-93w7-457x

More information

Details

A flaw was found in Ansible in the amazon.aws collection when using the tower_callback parameter from the amazon.aws.ec2_instance module. This flaw allows an attacker to take advantage of this issue as the module is handling the parameter insecurely, leading to the password leaking in the logs.

Severity

CVSS Score: 7.5 / 10 (High)
Vector String: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

References

This data is provided by the GitHub Advisory Database (CC-BY 4.0).

Ansible symlink attack vulnerability

CVE-2023-5115 / GHSA-jpvw-p8pr-9g2x

More information

Details

An absolute path traversal attack exists in the Ansible automation platform. This flaw allows an attacker to craft a malicious Ansible role and make the victim execute the role. A symlink can be used to overwrite a file outside of the extraction path.

Severity

CVSS Score: 6.3 / 10 (Medium)
Vector String: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N

References

This data is provided by the GitHub Advisory Database (CC-BY 4.0).

Ansible Community General Collection is vulnerable to exposure of sensitive information

CVE-2025-14010 / GHSA-8ggh-xwr9-3373

More information

Details

A flaw was found in ansible-collection-community-general. This vulnerability allows for information exposure (IE) of sensitive credentials, specifically plaintext passwords, via verbose output when running Ansible with debug modes. Attackers with access to logs could retrieve these secrets and potentially compromise Keycloak accounts or administrative access.

Severity

CVSS Score: 5.5 / 10 (Medium)
Vector String: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

References

This data is provided by the GitHub Advisory Database (CC-BY 4.0).

Release Notes

ansible-community/ansible-build-data (ansible)

`v12.2.0`

`v12.1.0`

`v12.0.0`

`v11.13.0`

`v11.12.0`

`v11.11.0`

`v11.10.0`

`v11.9.0`

`v11.8.0`

`v11.7.0`

`v11.6.0`

`v11.5.0`

`v11.4.0`

`v11.3.0`

`v11.2.0`

`v11.1.0`

`v11.0.0`

`v10.7.0`

`v10.6.0`

`v10.5.0`

`v10.4.0`

`v10.3.0`

`v10.2.0`

`v10.1.0`

`v10.0.1`

`v9.13.0`

`v9.12.0`

`v9.11.0`

`v9.10.0`

`v9.9.0`

`v9.8.0`

`v9.7.0`

`v9.6.1`

`v9.5.1`

`v9.4.0`

`v9.3.0`

`v9.2.0`

`v9.1.0`

`v9.0.1`

`v8.7.0`

`v8.6.1`

`v8.6.0`

`v8.3.0`

`v8.2.0`

`v8.1.0`

`v8.0.0`

`v7.7.0`

`v7.6.0`

`v7.5.0`

`v7.4.0`

`v7.1.0`

`v7.0.0`

`v6.7.0`

`v6.6.0`

`v6.5.0`

`v6.4.0`

`v6.3.0`

`v6.2.0`

`v6.1.0`

`v5.9.0`

`v5.8.0`

`v5.7.1`

`v5.7.0`

`v5.6.0`

`v5.5.0`

Configuration

📅 Schedule: (UTC)

Branch creation
- ""
Automerge
- At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

Author

renovate Bot commented Mar 24, 2023

Branch automerge failure

This PR was configured for branch automerge. However, this is not possible, so it has been raised as a PR instead.

Branch has one or more failed status checks

renovate Bot force-pushed the renovate/pypi-ansible-vulnerability branch from bff758c to 34fbcf8 Compare

March 25, 2023 02:53

renovate Bot changed the title ~~Update dependency ansible to v5.10.0 [SECURITY]~~ Update dependency ansible to v7 [SECURITY]

renovate Bot changed the title ~~Update dependency ansible to v7 [SECURITY]~~ Update dependency ansible to v5.10.0 [SECURITY]

renovate Bot force-pushed the renovate/pypi-ansible-vulnerability branch 2 times, most recently from 2184afe to 938e9dc Compare

May 28, 2023 12:50

renovate Bot changed the title ~~Update dependency ansible to v5.10.0 [SECURITY]~~ Update dependency ansible to v7 [SECURITY]

renovate Bot force-pushed the renovate/pypi-ansible-vulnerability branch from 938e9dc to eb2380a Compare

June 18, 2023 08:39

renovate Bot changed the title ~~Update dependency ansible to v7 [SECURITY]~~ Update dependency ansible to v5.10.0 [SECURITY]

renovate Bot force-pushed the renovate/pypi-ansible-vulnerability branch from eb2380a to 23e3f56 Compare

June 18, 2023 10:47

renovate Bot changed the title ~~Update dependency ansible to v5.10.0 [SECURITY]~~ Update dependency ansible to v7 [SECURITY]

renovate Bot force-pushed the renovate/pypi-ansible-vulnerability branch from 23e3f56 to 81a400b Compare

June 19, 2023 12:44

renovate Bot changed the title ~~Update dependency ansible to v7 [SECURITY]~~ Update dependency ansible to v5.10.0 [SECURITY]

renovate Bot force-pushed the renovate/pypi-ansible-vulnerability branch from 81a400b to 88e6d78 Compare

June 19, 2023 18:35

renovate Bot changed the title ~~Update dependency ansible to v5.10.0 [SECURITY]~~ Update dependency ansible to v7 [SECURITY]

renovate Bot force-pushed the renovate/pypi-ansible-vulnerability branch from 88e6d78 to aa43826 Compare

July 9, 2023 10:10

renovate Bot changed the title ~~Update dependency ansible to v7 [SECURITY]~~ Update dependency ansible to v5.10.0 [SECURITY]

renovate Bot force-pushed the renovate/pypi-ansible-vulnerability branch from aa43826 to baefbb7 Compare

July 9, 2023 13:48

renovate Bot changed the title ~~Update dependency ansible to v5.10.0 [SECURITY]~~ Update dependency ansible to v7 [SECURITY]

renovate Bot force-pushed the renovate/pypi-ansible-vulnerability branch from baefbb7 to 25a3229 Compare

August 9, 2023 13:53

renovate Bot changed the title ~~Update dependency ansible to v7 [SECURITY]~~ Update dependency ansible to v5.10.0 [SECURITY]

renovate Bot force-pushed the renovate/pypi-ansible-vulnerability branch from 25a3229 to 4949da5 Compare

August 9, 2023 16:09

renovate Bot changed the title ~~Update dependency ansible to v5.10.0 [SECURITY]~~ Update dependency ansible to v7 [SECURITY]

renovate Bot force-pushed the renovate/pypi-ansible-vulnerability branch from 4949da5 to 48070d0 Compare

August 22, 2023 21:29

renovate Bot changed the title ~~Update dependency ansible to v7 [SECURITY]~~ Update dependency ansible to v5.10.0 [SECURITY]

renovate Bot force-pushed the renovate/pypi-ansible-vulnerability branch from 48070d0 to 1a37118 Compare

August 23, 2023 02:19

renovate Bot changed the title ~~Update dependency ansible to v5.10.0 [SECURITY]~~ Update dependency ansible to v7 [SECURITY]

renovate Bot changed the title ~~Update dependency ansible to v7 [SECURITY]~~ Update dependency ansible to v5.10.0 [SECURITY]

renovate Bot force-pushed the renovate/pypi-ansible-vulnerability branch 2 times, most recently from ee92adb to aec920c Compare

September 19, 2023 15:12

renovate Bot force-pushed the renovate/pypi-ansible-vulnerability branch from c265ebb to c906676 Compare

January 4, 2024 15:52

renovate Bot changed the title ~~Update dependency ansible to v7 [SECURITY]~~ Update dependency ansible to v5.10.0 [SECURITY]

renovate Bot force-pushed the renovate/pypi-ansible-vulnerability branch from c906676 to 0058950 Compare

January 4, 2024 18:16

renovate Bot changed the title ~~Update dependency ansible to v5.10.0 [SECURITY]~~ Update dependency ansible to v7 [SECURITY]

renovate Bot force-pushed the renovate/pypi-ansible-vulnerability branch from 0058950 to b9f24f9 Compare

January 9, 2024 11:41

renovate Bot changed the title ~~Update dependency ansible to v7 [SECURITY]~~ Update dependency ansible to v5.10.0 [SECURITY]

renovate Bot force-pushed the renovate/pypi-ansible-vulnerability branch from b9f24f9 to 16d1d24 Compare

January 10, 2024 20:35

renovate Bot changed the title ~~Update dependency ansible to v5.10.0 [SECURITY]~~ Update dependency ansible to v7 [SECURITY]

renovate Bot force-pushed the renovate/pypi-ansible-vulnerability branch from 16d1d24 to fe61d57 Compare

January 16, 2024 12:31

renovate Bot changed the title ~~Update dependency ansible to v7 [SECURITY]~~ Update dependency ansible to v5.10.0 [SECURITY]

renovate Bot force-pushed the renovate/pypi-ansible-vulnerability branch from fe61d57 to 931c17b Compare

January 16, 2024 16:57

renovate Bot changed the title ~~Update dependency ansible to v5.10.0 [SECURITY]~~ Update dependency ansible to v7 [SECURITY]

renovate Bot force-pushed the renovate/pypi-ansible-vulnerability branch from 931c17b to 5fa2cc7 Compare

August 10, 2025 14:48

renovate Bot force-pushed the renovate/pypi-ansible-vulnerability branch from 5fa2cc7 to 15739ab Compare

October 21, 2025 09:54

renovate Bot force-pushed the renovate/pypi-ansible-vulnerability branch from 15739ab to fcd26ba Compare

November 10, 2025 16:43

renovate Bot force-pushed the renovate/pypi-ansible-vulnerability branch from fcd26ba to 1a29fef Compare

December 3, 2025 19:51

renovate Bot force-pushed the renovate/pypi-ansible-vulnerability branch from 1a29fef to 4980b96 Compare

February 2, 2026 14:44

Author

renovate Bot commented Feb 2, 2026 •

edited

Loading

⚠️ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

any of the package files in this branch needs updating, or
the branch becomes conflicted, or
you click the rebase/retry checkbox if found above, or
you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: Pipfile.lock

Command failed: install-tool pipenv 2026.5.2

renovate Bot changed the title ~~Update dependency ansible to v7 [SECURITY]~~ Update dependency ansible to v7 [SECURITY] - autoclosed

renovate Bot closed this

renovate Bot deleted the renovate/pypi-ansible-vulnerability branch

March 27, 2026 01:17

renovate Bot changed the title ~~Update dependency ansible to v7 [SECURITY] - autoclosed~~ Update dependency ansible to v7 [SECURITY]

renovate Bot reopened this

renovate Bot force-pushed the renovate/pypi-ansible-vulnerability branch 2 times, most recently from 4980b96 to 2d3a7f2 Compare

March 30, 2026 20:55

renovate Bot force-pushed the renovate/pypi-ansible-vulnerability branch from 2d3a7f2 to 32fabeb Compare

April 16, 2026 11:56

renovate Bot changed the title ~~Update dependency ansible to v7 [SECURITY]~~ Update dependency ansible to v12 [SECURITY]

renovate Bot changed the title ~~Update dependency ansible to v12 [SECURITY]~~ Update dependency ansible to v12 [SECURITY] - autoclosed

renovate Bot closed this


          Update dependency ansible to v12 [SECURITY]

04cbdcd

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet