Ansible applies security fixes according to the 3-versions-back support policy. Please find more information in our docs.

We encourage responsible disclosure practices for security vulnerabilities. Please read our policies for reporting bugs if you want to report a security issue that might affect Ansible.