VDB

PYSEC-2021-106

PYSEC-2021-106 PUBLISHED

A flaw was found in ansible module where credentials are disclosed in the console log by default and not protected by the security feature when using the bitbucket_pipeline_variable module. This flaw allows an attacker to steal bitbucket_pipeline credentials. The highest threat from this vulnerability is to confidentiality.

Affected Products

VendorProductVersions
PyPIansible*, 1.8.1, 0

Timeline

  • May 26, 2021 CVE Published
  • Nov 8, 2023 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›