74 matches found
Astra Linux - уязвимость в ansible
A vulnerability was found in Ansible engine 2.x up to 2.8 and Ansible tower 3.x up to 3.5. When a module has an argumentspec with sub parameters marked as nolog, passing an invalid parameter name to the module will cause the task to fail before the nolog options in the sub parameters are processe...
EUVD-2019-0002
Malware in sbrugna...
EUVD-2020-0007
Malware in sbrugna...
EUVD-2019-0007
Malware in sbrugna...
EUVD-2018-4517
Malware in sbrugna...
EUVD-2021-0004
Malware in sbrugna...
EUVD-2020-3129
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2019-14858
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in Ansible engine 2.x up to 2.8 and Ansible tower 3.x up to 3.5. When a module has an argumentspec with sub parameters marked as nolog...
Linux Distros Unpatched Vulnerability : CVE-2021-3447
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in several ansible modules, where parameters containing credentials, such as secrets, were being logged in plain-text on managed nodes, as well...
Medium: ansible-core
Issue Overview: A flaw was found in Ansible, where sensitive information stored in Ansible Vault files can be exposed in plaintext during the execution of a playbook. This occurs when using tasks such as includevars to load vaulted variables without setting the nolog: true parameter, resulting in...
Exposure Of Sensitive Information In Log Files
Ansible is vulnerable to Exposure of Sensitive Information in Log Files. The vulnerability is caused due to insufficient protection of sensitive data when the nolog: true parameter is omitted while loading vaulted variables, allowing sensitive information, such as passwords or API keys, to be...
CVE-2024-8775
A flaw was found in Ansible, where sensitive information stored in Ansible Vault files can be exposed in plaintext during the execution of a playbook. This occurs when using tasks such as includevars to load vaulted variables without setting the nolog: true parameter, resulting in sensitive data...
CVE-2024-8775
A flaw was found in Ansible, where sensitive information stored in Ansible Vault files can be exposed in plaintext during the execution of a playbook. This occurs when using tasks such as includevars to load vaulted variables without setting the nolog: true parameter, resulting in sensitive data...
CVE-2024-8775 Ansible-core: exposure of sensitive information in ansible vault files due to improper logging
A flaw was found in Ansible, where sensitive information stored in Ansible Vault files can be exposed in plaintext during the execution of a playbook. This occurs when using tasks such as includevars to load vaulted variables without setting the nolog: true parameter, resulting in sensitive data...
CVE-2024-8775 Ansible-core: exposure of sensitive information in ansible vault files due to improper logging
A flaw was found in Ansible, where sensitive information stored in Ansible Vault files can be exposed in plaintext during the execution of a playbook. This occurs when using tasks such as includevars to load vaulted variables without setting the nolog: true parameter, resulting in sensitive data...
CVE-2024-8775
A flaw was found in Ansible, where sensitive information stored in Ansible Vault files can be exposed in plaintext during the execution of a playbook. This occurs when using tasks such as includevars to load vaulted variables without setting the nolog: true parameter, resulting in sensitive data...
CVE-2024-8775
A flaw was found in Ansible, where sensitive information stored in Ansible Vault files can be exposed in plaintext during the execution of a playbook. This occurs when using tasks such as includevars to load vaulted variables without setting the nolog: true parameter, resulting in sensitive data...
SUSE CVE-2019-14858
A vulnerability was found in Ansible engine 2.x up to 2.8 and Ansible tower 3.x up to 3.5. When a module has an argumentspec with sub parameters marked as nolog, passing an invalid parameter name to the module will cause the task to fail before the nolog options in the sub parameters are processe...
RHEL 7 : ansible (RHSA-2020:0756)
The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:0756 advisory. Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH a...
GHSA-H653-95QW-H2MP Ansible leaks sensitive information to logs when told not to
A vulnerability was found in Ansible engine 2.x up to 2.8 and Ansible tower 3.x up to 3.5. When a module has an argumentspec with sub parameters marked as nolog, passing an invalid parameter name to the module will cause the task to fail before the nolog options in the sub parameters are processe...