UBUNTU-CVE-2024-0690

Source
https://ubuntu.com/security/CVE-2024-0690
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2024/UBUNTU-CVE-2024-0690.json
JSON Data
https://api.osv.dev/v1/vulns/UBUNTU-CVE-2024-0690
Related
Published
2024-02-06T12:15:00Z
Modified
2024-12-18T16:32:49Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
Summary
[none]
Details

An information disclosure flaw was found in ansible-core due to a failure to respect the ANSIBLENOLOG configuration in some scenarios. Information is still included in the output in certain tasks, such as loop items. Depending on the task, this issue may include sensitive information, such as decrypted secret values.

References

Affected packages

Ubuntu:Pro:14.04:LTS / ansible

Package

Name
ansible
Purl
pkg:deb/ubuntu/ansible?arch=src?distro=esm-infra-legacy/trusty

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*

1.1+dfsg-1
1.3.4+dfsg-1
1.4.0+dfsg-1
1.4.1+dfsg-1
1.4.3+dfsg-1
1.4.4+dfsg-1
1.5.4+dfsg-1
1.5.4+dfsg-1ubuntu0.1~esm2

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:Pro:16.04:LTS / ansible

Package

Name
ansible
Purl
pkg:deb/ubuntu/ansible?arch=src?distro=esm-apps/xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*

1.9.2+dfsg-2
1.9.4-1

2.*

2.0.0.2-2
2.0.0.2-2ubuntu1
2.0.0.2-2ubuntu1.1
2.0.0.2-2ubuntu1.2
2.0.0.2-2ubuntu1.3
2.0.0.2-2ubuntu1.3+esm1
2.0.0.2-2ubuntu1.3+esm2
2.0.0.2-2ubuntu1.3+esm3

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:Pro:18.04:LTS / ansible

Package

Name
ansible
Purl
pkg:deb/ubuntu/ansible?arch=src?distro=esm-apps/bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.3.1.0+dfsg-2
2.5.0+dfsg-1
2.5.1+dfsg-1
2.5.1+dfsg-1ubuntu0.1
2.5.1+dfsg-1ubuntu0.1+esm1
2.5.1+dfsg-1ubuntu0.1+esm2
2.5.1+dfsg-1ubuntu0.1+esm3

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:20.04:LTS / ansible

Package

Name
ansible
Purl
pkg:deb/ubuntu/ansible?arch=src?distro=focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.8.3+dfsg-1
2.8.6+dfsg-1
2.9.2+dfsg-1
2.9.4+dfsg-1
2.9.6+dfsg-1

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:22.04:LTS / ansible

Package

Name
ansible
Purl
pkg:deb/ubuntu/ansible?arch=src?distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.10.7+merged+base+2.10.8+dfsg-1

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:22.04:LTS / ansible-core

Package

Name
ansible-core
Purl
pkg:deb/ubuntu/ansible-core?arch=src?distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.12.0-1
2.12.0-1ubuntu0.1

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:24.10 / ansible

Package

Name
ansible
Purl
pkg:deb/ubuntu/ansible?arch=src?distro=oracular

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

9.*

9.2.0+dfsg-0ubuntu5

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:24.10 / ansible-core

Package

Name
ansible-core
Purl
pkg:deb/ubuntu/ansible-core?arch=src?distro=oracular

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.16.3-0ubuntu2

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:24.04:LTS / ansible

Package

Name
ansible
Purl
pkg:deb/ubuntu/ansible?arch=src?distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

7.*

7.7.0+dfsg-1
7.7.0+dfsg-3

9.*

9.2.0+dfsg-0ubuntu4
9.2.0+dfsg-0ubuntu5

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:24.04:LTS / ansible-core

Package

Name
ansible-core
Purl
pkg:deb/ubuntu/ansible-core?arch=src?distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.14.9-2
2.14.11-1
2.14.11-2
2.14.13-1
2.16.3-0ubuntu1
2.16.3-0ubuntu2

Ecosystem specific

{
    "ubuntu_priority": "medium"
}