It was discovered that Ansible did not properly manage directory permissions when running playbooks with an unprivileged become user. A local attacker could possibly use this issue to cause a race condition, escalate privileges and execute arbitrary code. This issue only affected Ubuntu 16.04 ESM, Ubuntu 18.04 ESM and Ubuntu 20.04 ESM. (CVE-2020-1733)
It was discovered that the fix to address CVE-2020-1733 in Ansible was incomplete on systems using ACLs and FUSE filesystems. A local attacker could possibly use this issue to cause a race condition, escalate privileges and execute arbitrary code. This issue only affected Ubuntu 16.04 ESM, Ubuntu 18.04 ESM and Ubuntu 20.04 ESM. (CVE-2020-10744)
It was discovered that Ansible did not properly manage multi-line YAML strings and special template characters. A local attacker could possibly use this issue to cause a template injection, resulting in the disclosure of sensitive information or other unspecified impact. (CVE-2021-3583)
It was discovered that the ansible-connection module in Ansible did not properly manage certain error messages. A local attacker could possibly use this issue to expose sensitive information. This issue only affected Ubuntu 20.04 ESM and Ubuntu 22.04 ESM. (CVE-2021-3620)
{ "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro", "binaries": [ { "binary_version": "2.0.0.2-2ubuntu1.3+esm1", "binary_name": "ansible" }, { "binary_version": "2.0.0.2-2ubuntu1.3+esm1", "binary_name": "ansible-fireball" }, { "binary_version": "2.0.0.2-2ubuntu1.3+esm1", "binary_name": "ansible-node-fireball" } ] }