Security
Headlines

Headlines Latest CVEs

Headline

GHSA-jpxc-vmjf-9fcj: Ansible vulnerable to Insertion of Sensitive Information into Log File

A flaw was found in Ansible, where sensitive information stored in Ansible Vault files can be exposed in plaintext during the execution of a playbook. This occurs when using tasks such as include_vars to load vaulted variables without setting the no_log: true parameter, resulting in sensitive data being printed in the playbook output or logs. This can lead to the unintentional disclosure of secrets like passwords or API keys, compromising security and potentially allowing unauthorized access or actions.

2 months ago

Ansible vulnerable to Insertion of Sensitive Information into Log File

Moderate severity GitHub Reviewed Published Sep 16, 2024 to the GitHub Advisory Database • Updated Sep 16, 2024

Related news

Red Hat Security Advisory 2024-8969-03

Red Hat Security Advisory 2024-8969-03 - An update is now available for Red Hat Ansible Automation Platform Execution Environments.

4 days ago

#red_hat #js #auth

ghsa: Latest News

GHSA-8fh4-942r-jf2g: LibreNMS has a Stored XSS ('Cross-site Scripting') in librenms/includes/html/pages/device/services.inc.php

1 day ago

GHSA-7q7g-4xm8-89cq: Regular Expression Denial of Service (ReDoS) in @eslint/plugin-kit

1 day ago

GHSA-phm4-wf3h-pc3r: Unpatched Remote Code Execution in Gogs

1 day ago

GHSA-x645-6pf9-xwxw: LibreNMS has an Authenticated OS Command Injection

1 day ago

GHSA-gv4m-f6fx-859x: LibreNMS has a Stored XSS ('Cross-site Scripting') in librenms/includes/html/print-customoid.php

1 day ago