This page aggregates publicly disclosed CVE and security risk information related to ansible-semaphore, with CVSS, EPSS, publication dates, and vulnerability intelligence data to help assess potential risk and remediation priority.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2023-39059 | An issue in ansible semaphore v.2.8.90 allows a remote attacker to execute arbitrary code via a crafted payload to the extra variables parameter. | [email protected] | 8.8 | 1.43% | 2023-08-28 | 2026-06-17 |
| CVE-2023-28609 | api/auth.go in Ansible Semaphore before 2.8.89 mishandles authentication. | [email protected] | 9.8 | 0.87% | 2023-03-18 | 2026-06-17 |