DEBIAN-CVE-2019-10156

DEBIAN-CVE-2019-10156 PUBLISHED CVSS 5.400000095367432 MEDIUM

A flaw was discovered in the way Ansible templating was implemented in versions before 2.6.18, 2.7.12 and 2.8.2, causing the possibility of information disclosure through unexpected variable substitution. By taking advantage of unintended variable substitution the content of any variable may be disclosed.

Risk Scores

CVSS v3.1

5.400000095367432

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

Affected Products

Vendor	Product	Versions
Debian:12	ansible	0, 0, 0
Debian:14	ansible	0, 0, 0
Debian:11	ansible	0, 0, 0
Debian:13	ansible	0, 0, 0

Timeline

Jul 30, 2019 CVE Published
Apr 28, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2019-10156 advisory

Open in Interactive Console →