CVE-2021-3532 log

Severity Medium
Remote No
Type Information disclosure
A flaw was found in Ansible where the secret information present in async_files are getting disclosed when the user changes the jobdir to a world readable directory. Any secret information in an async status file will be readable by a malicious user on that system. This flaw affects Ansible Tower 3.7 and Ansible Automation Platform 1.2.
Group Package Affected Fixed Severity Status Ticket
AVG-2056 ansible 4.0.0-1 Medium Not affected