3 matches found
CVE-2026-11819 Community.general: community.general keyring_info — os keyring passphrase returned in plaintext
Module: plugins/modules/keyringinfo.py CVSS 3.1: 5.5 MEDIUM — AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Issue: The module retrieves a passphrase from the OS native keyring GNOME Keyring, macOS Keychain, Windows Credential Manager and places it directly into result"passphrase" with no output suppression...
CVE-2026-11819
The CVE-2026-11819 issue affects the Ansible community.general keyring_info module. The module reads a passphrase from the OS keyring and writes it directly to result["passphrase"] without output suppression. Root cause shows protected input variable (line with no_log=True) but unprotected output...
CVE-2003-1390
CVE-2003-1390 affects RTS CryptoBuddy 1.2 and earlier. The root cause is that bytes 53–55 of a 55‑byte passphrase are stored in plaintext, enabling local users to infer part of the passphrase. The documents do not specify exploitation status or a remediation/patch. No explicit details on affected...