2 matches found
MiracleLinux 9 : ansible-core-2.14.14-1.el9.ML.1 (AXSA:2024-8083:01)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8083:01 advisory. ansible-core: possible information leak in tasks that ignore ANSIBLENOLOG configuration CVE-2024-0690 Bug Fixes: Update ansible-core to 2.14.14 JIRA:RHEL-237...
Ansible: kubectl connection plugin leaks sensitive information
A security flaw was found in the Ansible Engine when managing Kubernetes using the k8s connection plugin. Sensitive parameters such as passwords and tokens are passed to the kubectl command line instead of using environment variables or an input configuration file, which is safer. This flaw...