ansible is vulnerable to information disclosure. The attack exists when an incorrect parameter name is passed to a module having an argument_spec with sub parameters marked as no_log, causing a failure of the task. It exposes data in sub parameter fields as it leaves the data unmasked if it is run with increased verbosity and present in the module invocation arguments for the task.