CVE-2023-5764 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2023-5764 Interim 1 24 2026-03-05T03:51:43Z current 2023-11-04T00:11:28Z 2026-03-05T03:51:43Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2023-5764 A template injection flaw was found in Ansible where a user's controller internal templating operations may remove the unsafe designation from template data. This issue could allow an attacker to use a specially crafted file to introduce templating injection when supplying templating data. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.suse.com/pipermail/sle-updates/2024-April/035080.html E-Mail link for SUSE-SU-2024:1427-1 https://lists.suse.com/pipermail/sle-updates/2024-May/035168.html E-Mail link for SUSE-SU-2024:1509-1 https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/2Y6RFLPB54N7XR7AP7A2DEXGLBEDEQJU/ E-Mail link for openSUSE-SU-2024:14537-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings HPE Helion OpenStack 8 SUSE Linux Enterprise Server 15 SP4-LTSS SUSE Linux Enterprise Server 15 SP5-LTSS SUSE Linux Enterprise Server 16.0 SUSE Linux Enterprise Server for SAP Applications 15 SP4 SUSE Linux Enterprise Server for SAP Applications 15 SP5 SUSE Manager Client Tools 15 SUSE Manager Client Tools 15-BETA SUSE Manager Proxy Module 4.2 SUSE Manager Proxy Module 4.3 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 openSUSE Leap 15.5 openSUSE Leap 15.6 openSUSE Tumbleweed ansible ansible-2.9.27-150000.1.17.2 ansible-2.9.27-159000.3.12.2 ansible-core ansible-core-2.15.7-1.1 ansible-core-2.16-2.16.9-1.1 ansible-core-2.17-2.17.6-1.1 ansible-core-2.18-2.18.10-2.1 ansible-core-2.18.3-160000.2.2 ansible-core-2.19-2.19.4-1.1 ansible-doc ansible-doc-2.9.27-150000.1.17.2 ansible-doc-2.9.27-159000.3.12.2 ansible-documentation-2.15.7-1.1 ansible-test ansible-test-2.15.7-1.1 ansible-test-2.16-2.16.9-1.1 ansible-test-2.17-2.17.6-1.1 ansible-test-2.18-2.18.10-2.1 ansible-test-2.19-2.19.4-1.1 ansible-test-2.9.27-150000.1.17.2 ansible1 ansible-core-2.18.3-160000.2.2 as a component of SUSE Linux Enterprise Server 16.0 ansible-2.9.27-150000.1.17.2 as a component of SUSE Manager Client Tools 15 ansible-doc-2.9.27-150000.1.17.2 as a component of SUSE Manager Client Tools 15 ansible-2.9.27-159000.3.12.2 as a component of SUSE Manager Client Tools 15-BETA ansible-doc-2.9.27-159000.3.12.2 as a component of SUSE Manager Client Tools 15-BETA ansible-2.9.27-150000.1.17.2 as a component of SUSE Manager Proxy Module 4.3 ansible-doc-2.9.27-150000.1.17.2 as a component of SUSE Manager Proxy Module 4.3 ansible-2.9.27-150000.1.17.2 as a component of openSUSE Leap 15.5 ansible-doc-2.9.27-150000.1.17.2 as a component of openSUSE Leap 15.5 ansible-test-2.9.27-150000.1.17.2 as a component of openSUSE Leap 15.5 ansible-core-2.15.7-1.1 as a component of openSUSE Tumbleweed ansible-core-2.16-2.16.9-1.1 as a component of openSUSE Tumbleweed ansible-core-2.17-2.17.6-1.1 as a component of openSUSE Tumbleweed ansible-core-2.18-2.18.10-2.1 as a component of openSUSE Tumbleweed ansible-core-2.19-2.19.4-1.1 as a component of openSUSE Tumbleweed ansible-documentation-2.15.7-1.1 as a component of openSUSE Tumbleweed ansible-test-2.15.7-1.1 as a component of openSUSE Tumbleweed ansible-test-2.16-2.16.9-1.1 as a component of openSUSE Tumbleweed ansible-test-2.17-2.17.6-1.1 as a component of openSUSE Tumbleweed ansible-test-2.18-2.18.10-2.1 as a component of openSUSE Tumbleweed ansible-test-2.19-2.19.4-1.1 as a component of openSUSE Tumbleweed ansible1 as a component of HPE Helion OpenStack 8 ansible as a component of SUSE Linux Enterprise Server 15 SP4-LTSS ansible-core as a component of SUSE Linux Enterprise Server 15 SP4-LTSS ansible as a component of SUSE Linux Enterprise Server 15 SP5-LTSS ansible-core as a component of SUSE Linux Enterprise Server 15 SP5-LTSS ansible as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP4 ansible-core as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP4 ansible as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP5 ansible-core as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP5 ansible as a component of SUSE Manager Proxy Module 4.2 ansible-doc as a component of SUSE Manager Proxy Module 4.2 ansible1 as a component of SUSE OpenStack Cloud 8 ansible1 as a component of SUSE OpenStack Cloud 9 ansible as a component of openSUSE Leap 15.6 ansible-core as a component of openSUSE Leap 15.6 ansible-test as a component of openSUSE Leap 15.6 A template injection flaw was found in Ansible where a user's controller internal templating operations may remove the unsafe designation from template data. This issue could allow an attacker to use a specially crafted file to introduce templating injection when supplying templating data. CVE-2023-5764 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP7:ansible-2.9.27-150000.1.17.2 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP7:ansible-doc-2.9.27-150000.1.17.2 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP7:ansible-test-2.9.27-150000.1.17.2 SUSE Linux Enterprise Server 16.0:ansible-core-2.18.3-160000.2.2 SUSE Manager Client Tools 15:ansible-2.9.27-150000.1.17.2 SUSE Manager Client Tools 15:ansible-doc-2.9.27-150000.1.17.2 SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.12.2 SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.12.2 SUSE Manager Proxy Module 4.3:ansible-2.9.27-150000.1.17.2 SUSE Manager Proxy Module 4.3:ansible-doc-2.9.27-150000.1.17.2 openSUSE Leap 15.5:ansible-2.9.27-150000.1.17.2 openSUSE Leap 15.5:ansible-doc-2.9.27-150000.1.17.2 openSUSE Leap 15.5:ansible-test-2.9.27-150000.1.17.2 openSUSE Tumbleweed:ansible-core-2.15.7-1.1 openSUSE Tumbleweed:ansible-core-2.16-2.16.9-1.1 openSUSE Tumbleweed:ansible-core-2.17-2.17.6-1.1 openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1 openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1 openSUSE Tumbleweed:ansible-documentation-2.15.7-1.1 openSUSE Tumbleweed:ansible-test-2.15.7-1.1 openSUSE Tumbleweed:ansible-test-2.16-2.16.9-1.1 openSUSE Tumbleweed:ansible-test-2.17-2.17.6-1.1 openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1 openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1 HPE Helion OpenStack 8:ansible1 SUSE Linux Enterprise Server 15 SP4-LTSS:ansible SUSE Linux Enterprise Server 15 SP4-LTSS:ansible-core SUSE Linux Enterprise Server 15 SP5-LTSS:ansible SUSE Linux Enterprise Server 15 SP5-LTSS:ansible-core SUSE Linux Enterprise Server for SAP Applications 15 SP4:ansible SUSE Linux Enterprise Server for SAP Applications 15 SP4:ansible-core SUSE Linux Enterprise Server for SAP Applications 15 SP5:ansible SUSE Linux Enterprise Server for SAP Applications 15 SP5:ansible-core SUSE OpenStack Cloud 8:ansible1 SUSE OpenStack Cloud 9:ansible1 openSUSE Leap 15.6:ansible openSUSE Leap 15.6:ansible-core openSUSE Leap 15.6:ansible-test moderate 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N