Vulnerability	Vulnerable Version
M Credential Exposure ansible is a simple IT automation system. Affected versions of this package are vulnerable to Credential Exposure in `amazon.aws.ec2_instance`, which leaks passwords into logs when `tower_callback.windows` is set. This was resolved in version 5.1.0 of the `amazon.aws.ec2_instance` module. Note: You're only vulnerable if you're using the `amazon.aws` collection How to fix Credential Exposure? Upgrade `ansible` to version 7.0.0 or higher.	[2.5.0,7.0.0)
M Information Exposure ansible is a simple IT automation system. Affected versions of this package are vulnerable to Information Exposure where user credentials are disclosed by default in the traceback error message of `set_options`. How to fix Information Exposure? Upgrade `ansible` to version 2.9.27 or higher.	[,2.9.27)

Credential Exposure

ansible is a simple IT automation system.

Affected versions of this package are vulnerable to Credential Exposure in amazon.aws.ec2_instance, which leaks passwords into logs when tower_callback.windows is set. This was resolved in version 5.1.0 of the amazon.aws.ec2_instance module. Note: You're only vulnerable if you're using the amazon.aws collection

How to fix Credential Exposure?

Upgrade ansible to version 7.0.0 or higher.

[2.5.0,7.0.0)

Information Exposure

ansible is a simple IT automation system.

Affected versions of this package are vulnerable to Information Exposure where user credentials are disclosed by default in the traceback error message of set_options.

How to fix Information Exposure?

Upgrade ansible to version 2.9.27 or higher.

[,2.9.27)

Go back to all versions of this package