ansible is vulnerable to information disclosure. The library contains a configuration example for passing Jenkins credentials as parameters. These parameters are logged, allowing a malicious user with access to the logs to have access to view the Jenkins credentials.
access.redhat.com/errata/RHSA-2017:2966
access.redhat.com/security/cve/CVE-2017-7550
access.redhat.com/security/updates/classification/#moderate
bugzilla.redhat.com/show_bug.cgi?id=1473645
bugzilla.redhat.com/show_bug.cgi?id=1484910
docs.ansible.com/ansible/2.4/porting_guide_2.4.html
github.com/ansible/ansible/issues/30874