Information disclosure in Ansible
CVE-2021-20180
A flaw was found in ansible module where credentials are disclosed in the console log by default and not protected by the security feature when using the bitbucket_pipeline_variable module. This flaw allows an attacker to steal bitbucket_p…
EPSS: 0.000 (11.6th percentile) — read the EPSS interpretation.
Affected products
- N/a Ansible — versions Fixed in ansible 2.9.18
Weakness classification (CWE)
References
- bugzilla.redhat.com/show_bug.cgi (x_refsource_MISC)