DEBIAN-CVE-2016-8647

Source
https://security-tracker.debian.org/tracker/CVE-2016-8647
Import Source
https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2016-8647.json
JSON Data
https://api.osv.dev/v1/vulns/DEBIAN-CVE-2016-8647
Upstream
Published
2018-07-26T14:29:00Z
Modified
2025-09-30T03:54:40Z
Severity
  • 4.9 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N CVSS Calculator
Summary
[none]
Details

An input validation vulnerability was found in Ansible's mysql_user module before 2.2.1.0, which may fail to correctly change a password in certain circumstances. Thus the previous password would still be active when it should have been changed.

References

Affected packages

Debian:11 / ansible

Package

Name
ansible
Purl
pkg:deb/debian/ansible?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.2.0.0-4

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / ansible

Package

Name
ansible
Purl
pkg:deb/debian/ansible?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.2.0.0-4

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / ansible

Package

Name
ansible
Purl
pkg:deb/debian/ansible?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.2.0.0-4

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:14 / ansible

Package

Name
ansible
Purl
pkg:deb/debian/ansible?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.2.0.0-4

Ecosystem specific

{
    "urgency": "not yet assigned"
}