Redhat Ansible Automation Platform vulnerabilities

CVE-2021-3681 [MEDIUM] CWE-522 CVE-2021-3681: A flaw was found in Ansible Galaxy Collections. When collections are built manually, any files in th A flaw was found in Ansible Galaxy Collections. When collections are built manually, any files in the repository directory that are not explicitly excluded via the ``build_ignore`` list in "galaxy.yml" include files in the ``.tar.gz`` file. This contains sensitive info, such as the user's Ansible Galaxy API key and any secrets in ``ansible`` or ``ansi

CVE-2021-3583 [HIGH] CWE-20 CVE-2021-3583: A flaw was found in Ansible, where a user's controller is vulnerable to template injection. This iss A flaw was found in Ansible, where a user's controller is vulnerable to template injection. This issue can occur through facts used in the template if the user is trying to put templates in multi-line YAML strings and the facts being handled do not routinely include special template characters. This flaw allows attackers to perform command injection, whi

CVE-2021-20228 [HIGH] CWE-200 CVE-2021-20228: A flaw was found in the Ansible Engine 2.9.18, where sensitive info is not masked by default and is A flaw was found in the Ansible Engine 2.9.18, where sensitive info is not masked by default and is not protected by the no_log feature when using the sub-option feature of the basic.py module. This flaw allows an attacker to obtain sensitive information. The highest threat from this vulnerability is to confidentiality.