0.0005 Low
EPSS
Percentile
17.1%
ansible is vulnerable to information disclosure. The ldap_attr and ldap_entry modules can cause confidential information such as password to be logged in a log file or be displayed on stdout if bind_pw option is set with params.
ldap_attr
ldap_entry
stdout
params
bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1746
github.com/ansible/ansible/pull/67866
www.debian.org/security/2021/dsa-4950