CVE-2021-3620: Generation of Error Message Containing Sensitive Information
(updated )
A flaw was found in Ansible Engine’s ansible-connection module, where sensitive information such as the Ansible user credentials is disclosed by default in the traceback error message. The highest threat from this vulnerability is to confidentiality.
References
Detect and mitigate CVE-2021-3620 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →