GHSA-h24r-m9qc-pvpg, CVE-2024-0690
pypi/ansible-core
Improper Output Neutralization for Logs
An information disclosure flaw was found in ansible-core due to a failure to respect the ANSIBLENOLOG configuration in some scenarios. It was discovered that information is still included in the output in certain tasks, such as loop items. Depending on the task, this issue may include sensitive information, such as decrypted secret values.
All versions before 2.14.14, all versions starting from 2.15.0b1 before 2.15.9, all versions starting from 2.16.0b1 before 2.16.3
Upgrade to versions 2.15.9, 2.16.3, 2.14.14 or above.
2024-02-07
source |