PYSEC-2021-125
See a problem?- Import Source
- https://github.com/pypa/advisory-database/blob/main/vulns/ansible/PYSEC-2021-125.yaml
- JSON Data
- https://api.osv.dev/v1/vulns/PYSEC-2021-125
- Withdrawn
- 2024-08-02T20:32:38Z
- Published
- 2021-06-09T12:15:00Z
- Modified
- 2025-10-09T07:23:18.355010Z
- Summary
- [none]
- Details
-
A flaw was found in Ansible where the secret information present in async_files are getting disclosed when the user changes the jobdir to a world readable directory. Any secret information in an async status file will be readable by a malicious user on that system. This flaw affects Ansible Tower 3.7 and Ansible Automation Platform 1.2.
- References
Affected packages
PyPI / ansible
Package
- Name
- ansible
- View open source insights on deps.dev
- Purl
- pkg:pypi/ansible
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
1.*
1.0
1.1
1.2
1.2.1
1.2.2
1.2.3
1.3.0
1.3.1
1.3.2
1.3.3
1.3.4
1.4
1.4.1
1.4.2
1.4.3
1.4.4
1.4.5
1.5
1.5.1
1.5.2
1.5.3
1.5.4
1.5.5
1.6
1.6.1
1.6.2
1.6.3
1.6.4
1.6.5
1.6.6
1.6.7
1.6.8
1.6.9
1.6.10
1.7
1.7.1
1.7.2
1.8
1.8.1
1.8.2
1.8.3
1.8.4
1.9.0
1.9.0.1
1.9.1
1.9.2
1.9.3
1.9.4
1.9.5
1.9.6
2.*
2.0.0
2.0.0.0
2.0.0.1
2.0.0.2
2.0.1.0
2.0.2.0
2.1.0.0
2.1.1.0
2.1.2.0
2.1.3.0
2.1.4.0
2.1.5.0
2.1.6.0
2.2.0.0
2.2.1.0
2.2.2.0
2.2.3.0
2.3.0.0
2.3.1.0
2.3.2.0
2.3.3.0
2.4.0.0
2.4.1.0
2.4.2.0
2.4.3.0
2.4.4.0
2.4.5.0
2.4.6.0
2.5.0a1
2.5.0b1
2.5.0b2
2.5.0rc1
2.5.0rc2
2.5.0rc3
2.5.0
2.5.1
2.5.2
2.5.3
2.5.4
2.5.5
2.5.6
2.5.7
2.5.8
2.5.9
2.5.10
2.5.11
2.5.12
2.5.13
2.5.14
2.5.15
2.6.0a1
2.6.0a2
2.6.0rc1
2.6.0rc2
2.6.0rc3
2.6.0rc4
2.6.0rc5
2.6.0
2.6.1
2.6.2
2.6.3
2.6.4
2.6.5
2.6.6
2.6.7
2.6.8
2.6.9
2.6.10
2.6.11
2.6.12
2.6.13
2.6.14
2.6.15
2.6.16
2.6.17
2.6.18
2.6.19
2.6.20
2.7.0.dev0
2.7.0a1
2.7.0b1
2.7.0rc1
2.7.0rc2
2.7.0rc3
2.7.0rc4
2.7.0
2.7.1
2.7.2
2.7.3
2.7.4
2.7.5
2.7.6
2.7.7
2.7.8
2.7.9
2.7.10
2.7.11
2.7.12
2.7.13
2.7.14
2.7.15
2.7.16
2.7.17
2.7.18
2.8.0a1
2.8.0b1
2.8.0rc1
2.8.0rc2
2.8.0rc3
2.8.0
2.8.1
2.8.2
2.8.3
2.8.4
2.8.5
2.8.6
2.8.7
2.8.8
2.8.9
2.8.10
2.8.11
2.8.12
2.8.13
2.8.14
2.8.15
2.8.16rc1
2.8.16
2.8.17rc1
2.8.17
2.8.18rc1
2.8.18
2.8.19rc1
2.8.19
2.8.20rc1
2.8.20
2.9.0b1
2.9.0rc1
2.9.0rc2
2.9.0rc3
2.9.0rc4
2.9.0rc5
2.9.0
2.9.1
2.9.2
2.9.3
2.9.4
2.9.5
2.9.6
2.9.7
2.9.8
2.9.9
2.9.10
2.9.11
2.9.12
2.9.13
2.9.14rc1
2.9.14
2.9.15rc1
2.9.15
2.9.16rc1
2.9.16
2.9.17rc1
2.9.17
2.9.18rc1
2.9.18
2.9.19rc1
2.9.19
2.9.20rc1
2.9.20
2.9.21rc1
2.9.21
2.9.22rc1
2.9.22
2.9.23rc1
2.9.23
2.9.24rc1
2.9.24
2.9.25rc1
2.9.25
2.9.26rc1
2.9.26
2.9.27rc1
2.9.27
2.10.0a1
2.10.0a2
2.10.0a3
2.10.0a4
2.10.0a5
2.10.0a6
2.10.0a7
2.10.0a8
2.10.0a9
2.10.0b1
2.10.0b2
2.10.0rc1
2.10.0
2.10.1
2.10.2
2.10.3
2.10.4
2.10.5
2.10.6
2.10.7
3.*
3.0.0b1
3.0.0rc1
3.0.0
3.1.0
3.2.0
3.3.0
3.4.0
4.*
4.0.0a1
4.0.0a2
4.0.0a3
4.0.0a4
4.0.0b1
4.0.0b2
4.0.0rc1
4.0.0
4.1.0
4.2.0
4.3.0
4.4.0
4.5.0
4.6.0
4.7.0
4.8.0
4.9.0
4.10.0
5.*
5.0.0a1
5.0.0a2
5.0.0a3
5.0.0b1
5.0.0b2
5.0.0rc1
5.0.0
5.0.1
5.1.0
5.2.0
5.3.0
5.4.0
5.5.0
5.6.0
5.7.0
5.7.1
5.8.0
5.9.0
5.10.0
6.*
6.0.0a1
6.0.0a2
6.0.0a3
6.0.0b1
6.0.0b2
6.0.0rc1
6.0.0
6.1.0
6.2.0
6.3.0
6.4.0
6.5.0
6.6.0
6.7.0
7.*
7.0.0a1
7.0.0a2
7.0.0b1
7.0.0rc1
7.0.0
7.1.0
7.2.0
7.3.0
7.4.0
7.5.0
7.6.0
7.7.0
8.*
8.0.0a1
8.0.0a2
8.0.0a3
8.0.0b1
8.0.0rc1
8.0.0
8.1.0
8.2.0
8.3.0
8.4.0
8.5.0
8.6.0
8.6.1
8.7.0
9.*
9.0.0a1
9.0.0a2
9.0.0a3
9.0.0b1
9.0.0rc1
9.0.0
9.0.1
9.1.0
9.2.0
9.3.0
9.4.0
9.5.0
9.5.1
9.6.0
9.6.1
9.7.0
9.8.0
9.9.0
9.10.0
9.11.0
9.12.0
9.13.0
10.*
10.0.0a1
10.0.0a2
10.0.0a3
10.0.0b1
10.0.0rc1
10.0.0
10.0.1
10.1.0
10.2.0
10.3.0
10.4.0
10.5.0
10.6.0
10.7.0
11.*
11.0.0a1
11.0.0a2
11.0.0b1
11.0.0b2
11.0.0rc1
11.0.0
11.1.0
11.2.0
11.3.0
11.4.0
11.5.0
11.6.0
11.7.0
11.8.0
11.9.0
11.10.0
11.11.0
12.*
12.0.0a1
12.0.0a2
12.0.0a3
12.0.0a4
12.0.0a5
12.0.0a6
12.0.0a7
12.0.0a8
12.0.0a9
12.0.0b1
12.0.0b2
12.0.0b3
12.0.0b4
12.0.0b5
12.0.0rc1
12.0.0
12.1.0
13.*
13.0.0a1
13.0.0a2