CVE-2024-0690

See a problem?

Source

https://nvd.nist.gov/vuln/detail/CVE-2024-0690

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-0690.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2024-0690

Aliases

Related

Published

2024-02-06T12:15:55Z

Modified

2024-09-18T03:24:47.896067Z

Severity

5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVSS Calculator

Summary

[none]

Details

An information disclosure flaw was found in ansible-core due to a failure to respect the ANSIBLENOLOG configuration in some scenarios. Information is still included in the output in certain tasks, such as loop items. Depending on the task, this issue may include sensitive information, such as decrypted secret values.

References

Affected packages

Debian:11 / ansible

Package

Name: ansible
Purl: pkg:deb/debian/ansible?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.10.7+merged+base+2.10.8+dfsg-1

2.10.7+merged+base+2.10.17+dfsg-0+deb11u1

4.*

4.6.0-1

5.*

5.4.0-1

5.5.0-1

6.*

6.3.0+dfsg-1

6.4.0+dfsg-1

7.*

7.0.0+dfsg-1

7.0.0+dfsg-2

7.1.0+dfsg-1

7.2.0+dfsg-2

7.3.0+dfsg-1

7.7.0+dfsg-1

7.7.0+dfsg-2

7.7.0+dfsg-3

9.*

9.4.0+dfsg-1

9.5.1+dfsg-1

10.*

10.0.0+dfsg-1

10.0.1+dfsg-1

10.1.0+dfsg-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / ansible

Package

Name: ansible
Purl: pkg:deb/debian/ansible?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.4.0-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / ansible

Package

Name: ansible
Purl: pkg:deb/debian/ansible?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.4.0-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / ansible-core

Package

Name: ansible-core
Purl: pkg:deb/debian/ansible-core?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.14.16-0+deb12u1

Affected versions

2.*

2.14.3-1

2.14.6-1

2.14.7-1

2.14.8-1

2.14.9-1

2.14.9-2

2.14.10-1

2.14.11-1

2.14.11-2

2.14.13-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / ansible-core

Package

Name: ansible-core
Purl: pkg:deb/debian/ansible-core?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.16.5-1

Affected versions

2.*

2.14.3-1

2.14.6-1

2.14.7-1

2.14.8-1

2.14.9-1

2.14.9-2

2.14.10-1

2.14.11-1

2.14.11-2

2.14.13-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}