Ansible is vulnerable to information disclosure. The library leaks sensitive parameters such as passwords and tokens as it passed the sensitive information to kubectl from the command line, not using an environment variable or an input configuration file while managing kubernetes using the k8s module.
access.redhat.com/errata/RHSA-2020:2142
access.redhat.com/security/updates/classification/#moderate
bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1753
github.com/advisories/GHSA-86hp-cj9j-33vv
github.com/ansible-collections/kubernetes/pull/51
github.com/ansible/ansible/commit/04ba05e003b268b83df6c106ba5c0f08548b1380
github.com/ansible/ansible/pull/68195
lists.fedoraproject.org/archives/list/[email protected]/message/DKPA4KC3OJSUFASUYMG66HKJE7ADNGFW/
lists.fedoraproject.org/archives/list/[email protected]/message/MRRYUU5ZBLPBXCYG6CFP35D64NP2UB2S/
lists.fedoraproject.org/archives/list/[email protected]/message/WQVOQD4VAIXXTVQAJKTN7NUGTJFE2PCB/
security.gentoo.org/glsa/202006-11
www.debian.org/security/2021/dsa-4950