chore(deps): update dependency ansible to v12 [security] #216

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Open

renovate wants to merge 1 commit into main from renovate/pypi-ansible-vulnerability

renovate bot commented Jul 26, 2025 •

edited

Loading

This PR contains the following updates:

Package	Change	Age	Confidence
ansible (source)	`==4.10.0` → `==12.2.0`

GitHub Vulnerability Alerts

CVE-2022-3697

A flaw was found in Ansible in the amazon.aws collection when using the tower_callback parameter from the amazon.aws.ec2_instance module. This flaw allows an attacker to take advantage of this issue as the module is handling the parameter insecurely, leading to the password leaking in the logs.

CVE-2023-5115

An absolute path traversal attack exists in the Ansible automation platform. This flaw allows an attacker to craft a malicious Ansible role and make the victim execute the role. A symlink can be used to overwrite a file outside of the extraction path.

CVE-2025-14010

A flaw was found in ansible-collection-community-general. This vulnerability allows for information exposure (IE) of sensitive credentials, specifically plaintext passwords, via verbose output when running Ansible with debug modes. Attackers with access to logs could retrieve these secrets and potentially compromise Keycloak accounts or administrative access.

Release Notes

ansible-community/ansible-build-data (ansible)

`v12.2.0`

`v12.1.0`

`v12.0.0`

`v11.13.0`

`v11.12.0`

`v11.11.0`

`v11.10.0`

`v11.9.0`

`v11.8.0`

`v11.7.0`

`v11.6.0`

`v11.5.0`

`v11.4.0`

`v11.3.0`

`v11.2.0`

`v11.1.0`

`v11.0.0`

`v10.7.0`

`v10.6.0`

`v10.5.0`

`v10.4.0`

`v10.3.0`

`v10.2.0`

`v10.1.0`

`v10.0.1`

`v9.13.0`

`v9.12.0`

`v9.11.0`

`v9.10.0`

`v9.9.0`

`v9.8.0`

`v9.7.0`

`v9.6.1`

`v9.5.1`

`v9.4.0`

`v9.3.0`

`v9.2.0`

`v9.1.0`

`v9.0.1`

`v8.7.0`

`v8.6.1`

`v8.6.0`

`v8.3.0`

`v8.2.0`

`v8.1.0`

`v8.0.0`

`v7.7.0`

`v7.6.0`

`v7.5.0`

`v7.4.0`

`v7.1.0`

`v7.0.0`

`v6.7.0`

`v6.6.0`

`v6.5.0`

`v6.4.0`

`v6.3.0`

`v6.2.0`

`v6.1.0`

`v5.9.0`

`v5.8.0`

`v5.7.1`

`v5.7.0`

`v5.6.0`

`v5.5.0`

`v5.4.0`

`v5.3.0`

`v5.2.0`

`v5.1.0`

`v5.0.1`

Configuration

📅 Schedule: Branch creation - "" in timezone Asia/Tokyo, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

renovate bot force-pushed the renovate/pypi-ansible-vulnerability branch from d2bd0b1 to 23d20d2 Compare

December 5, 2025 04:41

renovate bot changed the title ~~chore(deps): update dependency ansible to v8 [security]~~ chore(deps): update dependency ansible to v12 [security]


          chore(deps): update dependency ansible to v12 [security]

5ef32d5

renovate bot force-pushed the renovate/pypi-ansible-vulnerability branch from 23d20d2 to 5ef32d5 Compare

December 6, 2025 02:37

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet