| CVE-2021-20191 |
AVG-1437 |
Medium |
No |
Information disclosure |
A flaw was found in ansible-collection where credentials such as secrets are being disclosed in console log by default and not protected by no_log feature... |
| CVE-2021-20180 |
AVG-1437 |
Medium |
No |
Information disclosure |
A flaw was found in Ansible before version 2.10.6 where credentials such as secrets are being disclosed in console log by default and not protected by... |
| CVE-2021-20178 |
AVG-1437 |
Medium |
No |
Information disclosure |
A flaw was found in Ansible before version 2.10.6 where the 'authkey' and 'privkey' credentials are disclosed by default and not protected by no_log feature... |
| CVE-2021-3533 |
AVG-2056 |
Medium |
No |
Information disclosure |
A flaw was found in Ansible if an ansible user sets ANSIBLE_ASYNC_DIR to a subdirectory of a world writable directory. When this occurs, there is a race... |
| CVE-2021-3532 |
AVG-2056 |
Medium |
No |
Information disclosure |
A flaw was found in Ansible where the secret information present in async_files are getting disclosed when the user changes the jobdir to a world readable... |
| CVE-2021-3447 |
AVG-1702 |
Medium |
No |
Information disclosure |
A flaw was found in several ansible modules, where parameters containing credentials, such as secrets, were being logged in plain- text on managed nodes, as... |
| CVE-2016-9587 |
AVG-137 |
High |
Yes |
Arbitrary command execution |
An input validation vulnerability was found in ansible's handling of data sent from client systems. An attacker with control over a client system being... |