CVE-2020-1753

A security flaw was found in the Ansible Engine when managing Kubernetes using the k8s connection plugin. Sensitive parameters such as passwords and tokens are passed to the kubectl command line instead of using environment variables or an input configuration file, which is safer. This flaw...

Information Disclosure

ovirt-ansible-roles is vulnerable to information disclosure attacks. The vulnerability exists as ovirt-ansible-roles before version 1.0.6 has a vulnerability due to a missing nolog directive, resulting in the 'Add oVirt Provider to ManageIQ/CloudForms' playbook inadvertently disclosing admin...

FreeBSD : ansible -- information disclosure flaw (478d4102-2319-4026-b3b2-a57c48f159ac)

ansible developers report : Ansible versions 2.2.3 and earlier are vulnerable to an information disclosure flaw due to the interaction of call back plugins and the nolog directive where the information may not be sanitized properly. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...

ansible -- information disclosure flaw

ansible developers report: Ansible versions 2.2.3 and earlier are vulnerable to an information disclosure flaw due to the interaction of call back plugins and the nolog directive where the information may not be sanitized properly...

Information Disclosure

ansible is vulnerable to information disclosure. It is possible because .result attribute of an ansible.executor.taskresult.TaskResult is being sent to the callback plugins without obscuring stdout information when using a nolog directive...

CVE-2017-7473

Ansible versions 2.2.3 and earlier are vulnerable to an information disclosure flaw due to the interaction of call back plugins and the nolog directive information may not be sanitized properly...