0 Low
EPSS
Percentile
0.0%
ansible is vulnerable to information disclosure. It is possible because .result attribute of an ansible.executor.taskresult.TaskResult is being sent to the callback plugins without obscuring stdout information when using a no_log directive.
.result
ansible.executor.taskresult.TaskResult
bugzilla.redhat.com/show_bug.cgi?id=1440912
github.com/ansible/ansible/issues/22505