PYSEC-2024-36

See a problem?
Import Source
https://github.com/pypa/advisory-database/blob/main/vulns/ansible-core/PYSEC-2024-36.yaml
JSON Data
https://api.osv.dev/v1/vulns/PYSEC-2024-36
Aliases
Published
2024-02-06T12:15:00Z
Modified
2024-02-14T07:56:38.927339Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
Summary
[none]
Details

An information disclosure flaw was found in ansible-core due to a failure to respect the ANSIBLENOLOG configuration in some scenarios. It was discovered that information is still included in the output in certain tasks, such as loop items. Depending on the task, this issue may include sensitive information, such as decrypted secret values.

References

Affected packages

PyPI / ansible-core

Package

Affected ranges

Type
ECOSYSTEM
Events
Introduced
2.16.0
Fixed
2.16.3
Introduced
2.15.0
Fixed
2.15.9
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.14.4

Affected versions

0.*

0.0.1a1

2.*

2.11.0b1
2.11.0b2
2.11.0b3
2.11.0b4
2.11.0rc1
2.11.0rc2
2.11.0
2.11.1rc1
2.11.1
2.11.2rc1
2.11.2
2.11.3rc1
2.11.3
2.11.4rc1
2.11.4
2.11.5rc1
2.11.5
2.11.6rc1
2.11.6
2.11.7rc1
2.11.7
2.11.8rc1
2.11.8
2.11.9rc1
2.11.9
2.11.10rc1
2.11.10
2.11.11rc1
2.11.11
2.11.12rc1
2.11.12
2.12.0b1
2.12.0b2
2.12.0rc1
2.12.0
2.12.1rc1
2.12.1
2.12.2rc1
2.12.2
2.12.3rc1
2.12.3
2.12.4rc1
2.12.4
2.12.5rc1
2.12.5
2.12.6rc1
2.12.6
2.12.7rc1
2.12.7
2.12.8rc1
2.12.8
2.12.9rc1
2.12.9
2.12.10rc1
2.12.10
2.13.0b0
2.13.0b1
2.13.0rc1
2.13.0
2.13.1rc1
2.13.1
2.13.2rc1
2.13.2
2.13.3rc1
2.13.3
2.13.4rc1
2.13.4
2.13.5rc1
2.13.5
2.13.6rc1
2.13.6
2.13.7rc1
2.13.7
2.13.8rc1
2.13.8
2.13.9rc1
2.13.9
2.13.10rc1
2.13.10
2.13.11rc1
2.13.11
2.13.12rc1
2.13.12
2.13.13rc1
2.13.13
2.14.0b1
2.14.0b2
2.14.0b3
2.14.0rc1
2.14.0rc1.post0
2.14.0rc2
2.14.0
2.14.1rc1
2.14.1
2.14.2rc1
2.14.2
2.14.3rc1
2.14.3
2.14.4rc1
2.15.0
2.15.1rc1
2.15.1
2.15.2rc1
2.15.2
2.15.3rc1
2.15.3
2.15.4rc1
2.15.4
2.15.5rc1
2.15.5
2.15.6rc1
2.15.6
2.15.7rc1
2.15.7
2.15.8
2.15.9rc1
2.16.0
2.16.1rc1
2.16.1
2.16.2
2.16.3rc1