VDB

GCVE-110-MAGEIA-2018-303

GCVE-110-MAGEIA-2018-303
Advisory Published
Vulnetix · Advisory published July 1, 2018
Ansible prior to 2.4.5 does not honor the no_log task flag for failed tasks. When the no_log flag has been used to protect sensitive data passed to a task from being logged, and that task does not run successfully, Ansible will expose sensitive data in log files and on the terminal of the user running Ansible (CVE-2018-10855).

Affected Products

VendorProductVersionsPlatforms
Mageiaansible0 (affected), 2.4.5.0-1.1.mga5 (unaffected)
Mageiaansible0 (affected), 2.4.5.0-1.1.mga6 (unaffected)

Browse GCVE Records

72,664 records in the GCVE database · Updated July 15, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›