DEBIAN-CVE-2019-14864

Ansible, versions 2.9.x before 2.9.1, 2.8.x before 2.8.7 and Ansible versions 2.7.x before 2.7.15, is not respecting the flag nolog set it to True when Sumologic and Splunk callback plugins are used send tasks results events to collectors. This would discloses and collects any sensitive data...

PYSEC-2020-179

Ansible, versions 2.9.x before 2.9.1, 2.8.x before 2.8.7 and Ansible versions 2.7.x before 2.7.15, is not respecting the flag nolog set it to True when Sumologic and Splunk callback plugins are used send tasks results events to collectors. This would discloses and collects any sensitive data...

MGASA-2019-0358 Updated ansible packages fix security vulnerability

Updated ansible package fixes security vulnerability: Splunk and Sumologic callback plugins leak sensitive data in logs CVE-2019-14864...

PT-2020-3040

Name of the Vulnerable Software and Affected Versions Ansible versions 2.7.x through 2.7.14 Ansible versions 2.8.x through 2.8.6 Ansible versions 2.9.x through 2.9.0 Description The issue is related to the absence of consideration for the no log flag in Ansible's system management configuration...

Ansible: Splunk and Sumologic callback plugins leak sensitive data in logs

A data disclosure flaw was found in Ansible when using the Splunk and Sumologic modules, as they are not respecting when the flag nolog is enabled. This flaw can disclose and collect sensitive data from the system and expose it to an attacker...