A flaw was found in the gcp module of ansible. Certain fields managing sensitive data should be marked by the no_log feature. The service_account_contents(), which is common class for all gcp modules, is not being set as no_log to True. Any sensitive data managed by that function would be leaked as an output when running ansible playbooks. Data confidentiality is the highest threat with this vulnerability.