Lucene search
Alpine Linux Development TeamALPINE:CVE-2020-1746HistoryMay 12, 2020 - 6:15 p.m.
CVE-2020-1746
2020-05-1218:15:00
Alpine Linux Development Team
security.alpinelinux.org
18
0.0005 Low
EPSS
Percentile
16.4%
A flaw was found in the Ansible Engine affecting Ansible Engine versions 2.7.x before 2.7.17 and 2.8.x before 2.8.11 and 2.9.x before 2.9.7 as well as Ansible Tower before and including versions 3.4.5 and 3.5.5 and 3.6.3 when the ldap_attr and ldap_entry community modules are used. The issue discloses the LDAP bind password to stdout or a log file if a playbook task is written using the bind_pw in the parameters field. The highest threat from this vulnerability is data confidentiality.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Alpine | 3.11-main | noarch | ansible | <Â 2.9.7-r0 | UNKNOWN |
| Alpine | 3.12-main | noarch | ansible | <Â 2.9.7-r0 | UNKNOWN |
| Alpine | 3.13-main | noarch | ansible-base | <Â 2.9.7-r0 | UNKNOWN |
| Alpine | 3.14-main | noarch | ansible-base | <Â 2.9.7-r0 | UNKNOWN |
| Alpine | 3.15-community | noarch | ansible-base | <Â 2.9.7-r0 | UNKNOWN |
| Alpine | 3.9-main | noarch | ansible | <Â 2.7.17-r0 | UNKNOWN |
Related
prion
prion
Design/Logic Flaw
2020-05-12 18:15:00
osv
osv
CVE-2020-1746
2020-05-12 18:15:13
Exposure of Sensitive Information to an Unauthorized Actor in ansible
2021-04-20 16:43:53
PYSEC-2020-13
2020-05-12 18:15:00
cvelist
cvelist
CVE-2020-1746
2020-05-12 17:30:47
cve
cve
CVE-2020-1746
2020-05-12 18:15:00
veracode
veracode
Information Disclosure
2020-03-02 03:56:02
debiancve
debiancve
CVE-2020-1746
2020-05-12 18:15:00
redhatcve
redhatcve
CVE-2020-1746
2020-02-28 19:46:05
github
github
Exposure of Sensitive Information to an Unauthorized Actor in ansible
2021-04-20 16:43:53
ubuntucve
ubuntucve
CVE-2020-1746
2020-05-12 00:00:00
fedora
fedora
[SECURITY] Fedora 30 Update: ansible-2.9.7-1.fc30
2020-04-27 03:07:00
[SECURITY] Fedora 32 Update: ansible-2.9.7-1.fc32
2020-04-27 02:46:08
[SECURITY] Fedora 31 Update: ansible-2.9.7-1.fc31
2020-04-27 04:48:07
openvas
openvas
Fedora: Security Advisory for ansible (FEDORA-2020-1b6ce91e37)
2020-04-30 00:00:00
Fedora: Security Advisory for ansible (FEDORA-2020-f80154b5b4)
2020-04-30 00:00:00
Mageia: Security Advisory (MGASA-2020-0217)
2022-01-28 00:00:00
redhat
redhat
(RHSA-2020:1544) Important: Ansible security and bug fix update (2.7.17)
2020-04-22 13:13:10
(RHSA-2020:1543) Important: Ansible security and bug fix update (2.8.11)
2020-04-22 13:12:57
(RHSA-2020:1541) Important: Ansible security and bug fix update (2.9.7)
2020-04-22 13:12:31
nessus
nessus
Amazon Linux 2 : ansible (ALASANSIBLE2-2023-008)
2023-09-27 00:00:00
mageia
mageia
Updated ansible packages fix security vulnerabilities
2020-05-24 21:04:47
debian
debian
[SECURITY] [DSA 4950-1] ansible security update
2021-08-07 09:26:56
suse
suse
Security update for ansible (important)
2022-03-16 00:00:00