ALPINE-CVE-2020-14332

ALPINE-CVE-2020-14332 PUBLISHED CVSS 5.5 MEDIUM

A flaw was found in the Ansible Engine when using module_args. Tasks executed with check mode (--check-mode) do not properly neutralize sensitive data exposed in the event data. This flaw allows unauthorized users to read this data. The highest threat from this vulnerability is to confidentiality.

Risk Scores

CVSS v3.1

5.5

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Affected Products

Vendor	Product	Versions
Alpine:v3.14	ansible-base	1.0-r0, 2.9.9-r0, 2.9.7-r0
Alpine:v3.13	ansible-base	1.7.1-r0, 2.7.0-r1, 2.5.0-r0
Alpine:v3.11	ansible	0, 0.4-r0, 0.5-r0
Alpine:v3.10	ansible	0, 0.3.1-r0, 0.4-r0
Alpine:v3.12	ansible	2.9.1-r0, 2.8.6-r3, 2.8.6-r2

Timeline

Sep 11, 2020 CVE Published
Nov 19, 2025 CVE Updated
Apr 30, 2026 Distribution Patch

References

https://security.alpinelinux.org/vuln/CVE-2020-14332 advisory

Open in Interactive Console →