2 matches found
SUSE CVE-2019-10217
A flaw was found in ansible 2.8.0 before 2.8.4. Fields managing sensitive data should be set as such by nolog feature. Some of these fields in GCP modules are not set properly. serviceaccountcontents which is common class for all gcp modules is not setting nolog to True. Any sensitive data manage...
CVE-2020-1753
Affected software: Ansible Engine via Astra Linux advisory references the same CVE-2020-1753 issue affecting Ansible 2.7.x before 2.7.17, 2.8.x before 2.8.11, and 2.9.x before 2.9.7 when using the k8s module to manage Kubernetes. Vulnerability details: Sensitive parameters (passwords/tokens) are ...