A data disclosure flaw was found in ansible. Password prompts in ansible-playbook and ansible-cli tools could expose passwords with special characters as they are not properly wrapped. A password with special characters is exposed starting with the first of these special characters. The highest threat from this vulnerability is to data confidentiality.
This CVE exists due to an incomplete fix for CVE-2019-10206.
lists.opensuse.org/opensuse-security-announce/2020-04/msg00021.html
lists.opensuse.org/opensuse-security-announce/2020-04/msg00026.html
access.redhat.com/errata/RHSA-2020:0756
bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14856
github.com/ansible/ansible
github.com/ansible/ansible/commit/7f4befdea77045fa83b5f2b304bd5e16b219f74c
github.com/ansible/ansible/pull/63351
nvd.nist.gov/vuln/detail/CVE-2019-14856