Untriaged
Permalink
CVE-2024-0690
5.0 MEDIUM
- CVSS version: 3.1
- Attack vector (AV): LOCAL
- Attack complexity (AC): LOW
- Privileges required (PR): LOW
- User interaction (UI): REQUIRED
- Scope (S): UNCHANGED
- Confidentiality impact (C): HIGH
- Integrity impact (I): NONE
- Availability impact (A): NONE
Ansible-core: possible information leak in tasks that ignore ansible_no_log configuration
An information disclosure flaw was found in ansible-core due to a failure to respect the ANSIBLE_NO_LOG configuration in some scenarios. It was discovered that information is still included in the output in certain tasks, such as loop items. Depending on the task, this issue may include sensitive information, such as decrypted secret values.
References
- https://github.com/ansible/ansible/pull/82565
- https://access.redhat.com/security/cve/CVE-2024-0690 x_refsource_REDHAT vdb-entry
- RHBZ#2259013 issue-tracking x_refsource_REDHAT
- https://github.com/ansible/ansible/pull/82565
- RHSA-2024:0733 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2024-0690 x_refsource_REDHAT vdb-entry
- RHBZ#2259013 issue-tracking x_refsource_REDHAT
- RHSA-2024:0733 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2024-0690 x_refsource_REDHAT vdb-entry
- RHBZ#2259013 issue-tracking x_refsource_REDHAT
- https://github.com/ansible/ansible/pull/82565
- RHSA-2024:0733 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2024-0690 x_refsource_REDHAT vdb-entry
- RHBZ#2259013 issue-tracking x_refsource_REDHAT
- https://github.com/ansible/ansible/pull/82565
- RHSA-2024:0733 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2024-0690 x_refsource_REDHAT vdb-entry
- RHBZ#2259013 issue-tracking x_refsource_REDHAT
- https://github.com/ansible/ansible/pull/82565
- RHSA-2024:0733 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2024-0690 x_refsource_REDHAT vdb-entry
- RHBZ#2259013 issue-tracking x_refsource_REDHAT
- https://github.com/ansible/ansible/pull/82565
- RHSA-2024:0733 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2024-0690 x_refsource_REDHAT vdb-entry
- RHBZ#2259013 issue-tracking x_refsource_REDHAT
- https://github.com/ansible/ansible/pull/82565
- RHSA-2024:0733 x_refsource_REDHAT vendor-advisory
- RHSA-2024:2246 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2024-0690 x_refsource_REDHAT vdb-entry
- RHBZ#2259013 issue-tracking x_refsource_REDHAT
- https://github.com/ansible/ansible/pull/82565
- RHSA-2024:0733 x_refsource_REDHAT vendor-advisory
- RHSA-2024:2246 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2024-0690 x_refsource_REDHAT vdb-entry
- RHBZ#2259013 issue-tracking x_refsource_REDHAT
- https://github.com/ansible/ansible/pull/82565
- RHSA-2024:0733 x_refsource_REDHAT vendor-advisory
- RHSA-2024:2246 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2024-0690 x_refsource_REDHAT vdb-entry
- RHBZ#2259013 issue-tracking x_refsource_REDHAT
- https://github.com/ansible/ansible/pull/82565
- RHSA-2024:0733 x_refsource_REDHAT vendor-advisory
- RHSA-2024:2246 x_refsource_REDHAT vendor-advisory
- RHSA-2024:3043 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2024-0690 x_refsource_REDHAT vdb-entry
- RHBZ#2259013 issue-tracking x_refsource_REDHAT
- https://github.com/ansible/ansible/pull/82565
- RHSA-2024:0733 x_refsource_REDHAT vendor-advisory
- RHSA-2024:2246 x_refsource_REDHAT vendor-advisory
- RHSA-2024:3043 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2024-0690 x_refsource_REDHAT vdb-entry
- RHBZ#2259013 issue-tracking x_refsource_REDHAT
- https://github.com/ansible/ansible/pull/82565
- RHSA-2024:0733 x_refsource_REDHAT vendor-advisory
- RHSA-2024:2246 x_refsource_REDHAT vendor-advisory
- RHSA-2024:3043 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2024-0690 x_refsource_REDHAT vdb-entry
- RHBZ#2259013 issue-tracking x_refsource_REDHAT
- https://github.com/ansible/ansible/pull/82565
- RHSA-2024:0733 x_refsource_REDHAT vendor-advisory
- RHSA-2024:2246 x_refsource_REDHAT vendor-advisory
- RHSA-2024:3043 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2024-0690 x_refsource_REDHAT vdb-entry
- RHBZ#2259013 issue-tracking x_refsource_REDHAT
- https://github.com/ansible/ansible/pull/82565
- RHSA-2024:0733 x_refsource_REDHAT vendor-advisory x_transferred
- RHSA-2024:2246 x_refsource_REDHAT vendor-advisory x_transferred
- RHSA-2024:3043 x_refsource_REDHAT vendor-advisory x_transferred
- https://access.redhat.com/security/cve/CVE-2024-0690 x_refsource_REDHAT vdb-entry x_transferred
- RHBZ#2259013 issue-tracking x_refsource_REDHAT x_transferred
- https://github.com/ansible/ansible/pull/82565 x_transferred
- RHSA-2024:3043 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2024-0690 x_refsource_REDHAT vdb-entry
- RHBZ#2259013 issue-tracking x_refsource_REDHAT
- https://github.com/ansible/ansible/pull/82565
- RHSA-2024:0733 x_refsource_REDHAT vendor-advisory
- RHSA-2024:2246 x_refsource_REDHAT vendor-advisory
- RHSA-2024:0733 x_refsource_REDHAT vendor-advisory x_transferred
- RHSA-2024:2246 x_refsource_REDHAT vendor-advisory x_transferred
- RHSA-2024:3043 x_refsource_REDHAT vendor-advisory x_transferred
- https://access.redhat.com/security/cve/CVE-2024-0690 x_refsource_REDHAT vdb-entry x_transferred
- RHBZ#2259013 issue-tracking x_refsource_REDHAT x_transferred
- https://github.com/ansible/ansible/pull/82565 x_transferred
- RHSA-2024:3043 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2024-0690 x_refsource_REDHAT vdb-entry
- RHBZ#2259013 issue-tracking x_refsource_REDHAT
- https://github.com/ansible/ansible/pull/82565
- RHSA-2024:0733 x_refsource_REDHAT vendor-advisory
- RHSA-2024:2246 x_refsource_REDHAT vendor-advisory
- RHSA-2024:0733 x_refsource_REDHAT vendor-advisory x_transferred
- RHSA-2024:2246 x_refsource_REDHAT vendor-advisory x_transferred
- RHSA-2024:3043 x_refsource_REDHAT vendor-advisory x_transferred
- https://access.redhat.com/security/cve/CVE-2024-0690 x_refsource_REDHAT vdb-entry x_transferred
- RHBZ#2259013 issue-tracking x_refsource_REDHAT x_transferred
- https://github.com/ansible/ansible/pull/82565 x_transferred
- RHSA-2024:0733 x_refsource_REDHAT vendor-advisory
- RHSA-2024:2246 x_refsource_REDHAT vendor-advisory
- RHSA-2024:3043 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2024-0690 x_refsource_REDHAT vdb-entry
- RHBZ#2259013 issue-tracking x_refsource_REDHAT
- https://github.com/ansible/ansible/pull/82565
- RHSA-2024:0733 x_refsource_REDHAT vendor-advisory x_transferred
- RHSA-2024:2246 x_refsource_REDHAT vendor-advisory x_transferred
- RHSA-2024:3043 x_refsource_REDHAT vendor-advisory x_transferred
- https://access.redhat.com/security/cve/CVE-2024-0690 x_refsource_REDHAT vdb-entry x_transferred
- RHBZ#2259013 issue-tracking x_refsource_REDHAT x_transferred
- https://github.com/ansible/ansible/pull/82565 x_transferred
- RHSA-2024:0733 x_refsource_REDHAT vendor-advisory
- RHSA-2024:2246 x_refsource_REDHAT vendor-advisory
- RHSA-2024:3043 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2024-0690 x_refsource_REDHAT vdb-entry
- RHBZ#2259013 issue-tracking x_refsource_REDHAT
- https://github.com/ansible/ansible/pull/82565
- RHSA-2024:0733 x_refsource_REDHAT vendor-advisory x_transferred
- RHSA-2024:2246 x_refsource_REDHAT vendor-advisory x_transferred
- RHSA-2024:3043 x_refsource_REDHAT vendor-advisory x_transferred
- https://access.redhat.com/security/cve/CVE-2024-0690 x_refsource_REDHAT vdb-entry x_transferred
- RHBZ#2259013 issue-tracking x_refsource_REDHAT x_transferred
- https://github.com/ansible/ansible/pull/82565 x_transferred
- RHSA-2024:0733 x_refsource_REDHAT vendor-advisory
- RHSA-2024:2246 x_refsource_REDHAT vendor-advisory
- RHSA-2024:3043 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2024-0690 x_refsource_REDHAT vdb-entry
- RHBZ#2259013 issue-tracking x_refsource_REDHAT
- https://github.com/ansible/ansible/pull/82565
- https://github.com/ansible/ansible/pull/82565 x_transferred
- RHSA-2024:0733 x_refsource_REDHAT vendor-advisory x_transferred
- RHSA-2024:2246 x_refsource_REDHAT vendor-advisory x_transferred
- RHSA-2024:3043 x_refsource_REDHAT vendor-advisory x_transferred
- https://access.redhat.com/security/cve/CVE-2024-0690 x_refsource_REDHAT vdb-entry x_transferred
- RHBZ#2259013 issue-tracking x_refsource_REDHAT x_transferred
- RHSA-2024:0733 x_refsource_REDHAT vendor-advisory
- RHSA-2024:2246 x_refsource_REDHAT vendor-advisory
- RHSA-2024:3043 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2024-0690 x_refsource_REDHAT vdb-entry
- RHBZ#2259013 issue-tracking x_refsource_REDHAT
- https://github.com/ansible/ansible/pull/82565
- RHSA-2024:0733 x_refsource_REDHAT vendor-advisory x_transferred
- RHSA-2024:2246 x_refsource_REDHAT vendor-advisory x_transferred
- RHSA-2024:3043 x_refsource_REDHAT vendor-advisory x_transferred
- https://access.redhat.com/security/cve/CVE-2024-0690 x_refsource_REDHAT vdb-entry x_transferred
- RHBZ#2259013 issue-tracking x_refsource_REDHAT x_transferred
- https://github.com/ansible/ansible/pull/82565 x_transferred
- https://security.netapp.com/advisory/ntap-20250117-0001/
- RHSA-2024:0733 x_refsource_REDHAT vendor-advisory
- RHSA-2024:2246 x_refsource_REDHAT vendor-advisory
- RHSA-2024:3043 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2024-0690 x_refsource_REDHAT vdb-entry
- RHBZ#2259013 issue-tracking x_refsource_REDHAT
- https://github.com/ansible/ansible/pull/82565
- RHSA-2024:0733 x_refsource_REDHAT vendor-advisory x_transferred
- RHSA-2024:2246 x_refsource_REDHAT vendor-advisory x_transferred
- RHSA-2024:3043 x_refsource_REDHAT vendor-advisory x_transferred
- https://access.redhat.com/security/cve/CVE-2024-0690 x_refsource_REDHAT vdb-entry x_transferred
- RHBZ#2259013 issue-tracking x_refsource_REDHAT x_transferred
- https://github.com/ansible/ansible/pull/82565 x_transferred
- https://security.netapp.com/advisory/ntap-20250117-0001/
- RHSA-2024:0733 x_refsource_REDHAT vendor-advisory
- RHSA-2024:2246 x_refsource_REDHAT vendor-advisory
- RHSA-2024:3043 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2024-0690 x_refsource_REDHAT vdb-entry
- RHBZ#2259013 issue-tracking x_refsource_REDHAT
- https://github.com/ansible/ansible/pull/82565
- RHSA-2024:0733 x_refsource_REDHAT vendor-advisory x_transferred
- RHSA-2024:2246 x_refsource_REDHAT vendor-advisory x_transferred
- RHSA-2024:3043 x_refsource_REDHAT vendor-advisory x_transferred
- https://access.redhat.com/security/cve/CVE-2024-0690 x_refsource_REDHAT vdb-entry x_transferred
- RHBZ#2259013 issue-tracking x_refsource_REDHAT x_transferred
- https://github.com/ansible/ansible/pull/82565 x_transferred
- https://security.netapp.com/advisory/ntap-20250117-0001/
- RHSA-2024:0733 x_refsource_REDHAT vendor-advisory
- RHSA-2024:2246 x_refsource_REDHAT vendor-advisory
- RHSA-2024:3043 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2024-0690 x_refsource_REDHAT vdb-entry
- RHBZ#2259013 issue-tracking x_refsource_REDHAT
- https://github.com/ansible/ansible/pull/82565
- RHSA-2024:0733 x_refsource_REDHAT vendor-advisory x_transferred
- RHSA-2024:2246 x_refsource_REDHAT vendor-advisory x_transferred
- RHSA-2024:3043 x_refsource_REDHAT vendor-advisory x_transferred
- https://access.redhat.com/security/cve/CVE-2024-0690 x_refsource_REDHAT vdb-entry x_transferred
- RHBZ#2259013 issue-tracking x_refsource_REDHAT x_transferred
- https://github.com/ansible/ansible/pull/82565 x_transferred
- https://security.netapp.com/advisory/ntap-20250117-0001/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj…
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj…
- RHSA-2024:0733 x_refsource_REDHAT vendor-advisory
- RHSA-2024:2246 x_refsource_REDHAT vendor-advisory
- RHSA-2024:3043 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2024-0690 x_refsource_REDHAT vdb-entry
- RHBZ#2259013 issue-tracking x_refsource_REDHAT
- https://github.com/ansible/ansible/pull/82565
- RHSA-2024:0733 x_refsource_REDHAT vendor-advisory x_transferred
- RHSA-2024:2246 x_refsource_REDHAT vendor-advisory x_transferred
- RHSA-2024:3043 x_refsource_REDHAT vendor-advisory x_transferred
- https://access.redhat.com/security/cve/CVE-2024-0690 x_refsource_REDHAT vdb-entry x_transferred
- RHBZ#2259013 issue-tracking x_refsource_REDHAT x_transferred
- https://github.com/ansible/ansible/pull/82565 x_transferred
- https://security.netapp.com/advisory/ntap-20250117-0001/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj…
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj…
Affected products
ansible
- <2.14.4
- ==2.15.9
- ==2.16.3
- <2.15.9
- <2.16.3
- ==2.14.4
ansible-core
- *
Matching in nixpkgs
pkgs.ansible-cmdb
Generate host overview from ansible fact gathering output
-
nixos-unstable -
- nixpkgs-unstable 1.31
pkgs.ansible-lint
Best practices checker for Ansible
-
nixos-unstable -
- nixpkgs-unstable 25.8.2
pkgs.ansible_2_16
Radically simple IT automation
-
nixos-unstable -
- nixpkgs-unstable 2.16.14
pkgs.ansible_2_17
Radically simple IT automation
-
nixos-unstable -
- nixpkgs-unstable 2.17.8
pkgs.ansible_2_18
Radically simple IT automation
-
nixos-unstable -
- nixpkgs-unstable 2.18.8
pkgs.ansible_2_19
Radically simple IT automation
-
nixos-unstable -
- nixpkgs-unstable 2.19.2
pkgs.ansible-doctor
Annotation based documentation for your Ansible roles
-
nixos-unstable -
- nixpkgs-unstable 7.2.0
pkgs.ansible-builder
Ansible execution environment builder
-
nixos-unstable -
- nixpkgs-unstable 3.1.0
pkgs.ansible-navigator
Text-based user interface (TUI) for Ansible
-
nixos-unstable -
- nixpkgs-unstable 25.8.0
pkgs.ansible-language-server
Ansible Language Server
-
nixos-unstable -
- nixpkgs-unstable 1.2.1
pkgs.python312Packages.ansible
Radically simple IT automation
-
nixos-unstable -
- nixpkgs-unstable 11.9.0
pkgs.python313Packages.ansible
Radically simple IT automation
-
nixos-unstable -
- nixpkgs-unstable 11.9.0
pkgs.terraform-providers.ansible
None
-
nixos-unstable -
- nixpkgs-unstable 1.0.4
pkgs.python312Packages.ansible-core
Radically simple IT automation
-
nixos-unstable -
- nixpkgs-unstable 2.19.2
pkgs.python313Packages.ansible-core
Radically simple IT automation
-
nixos-unstable -
- nixpkgs-unstable 2.19.2
pkgs.python312Packages.ansible-compat
Function collection that help interacting with various versions of Ansible
-
nixos-unstable -
- nixpkgs-unstable 25.8.1
pkgs.python312Packages.ansible-kernel
Ansible kernel for Jupyter
-
nixos-unstable -
- nixpkgs-unstable 1.0.0
pkgs.python312Packages.ansible-runner
Helps when interfacing with Ansible
-
nixos-unstable -
- nixpkgs-unstable 2.4.1
pkgs.python312Packages.pytest-ansible
Plugin for pytest to simplify calling ansible modules from tests or fixtures
-
nixos-unstable -
- nixpkgs-unstable 25.8.0
pkgs.python313Packages.ansible-compat
Function collection that help interacting with various versions of Ansible
-
nixos-unstable -
- nixpkgs-unstable 25.8.1
pkgs.python313Packages.ansible-kernel
Ansible kernel for Jupyter
-
nixos-unstable -
- nixpkgs-unstable 1.0.0
pkgs.python313Packages.ansible-runner
Helps when interfacing with Ansible
-
nixos-unstable -
- nixpkgs-unstable 2.4.1
pkgs.python313Packages.pytest-ansible
Plugin for pytest to simplify calling ansible modules from tests or fixtures
-
nixos-unstable -
- nixpkgs-unstable 25.8.0
pkgs.vscode-extensions.redhat.ansible
Ansible language support
-
nixos-unstable -
- nixpkgs-unstable 25.8.1
pkgs.python312Packages.ansible-builder
Ansible execution environment builder
-
nixos-unstable -
- nixpkgs-unstable 3.1.0
pkgs.python313Packages.ansible-builder
Ansible execution environment builder
-
nixos-unstable -
- nixpkgs-unstable 3.1.0
pkgs.python312Packages.ansible-pylibssh
Python bindings to client functionality of libssh specific to Ansible use case
-
nixos-unstable -
- nixpkgs-unstable 1.2.2
pkgs.python312Packages.ansible-vault-rw
This project aim to R/W an ansible-vault yaml file
-
nixos-unstable -
- nixpkgs-unstable 2.1.0
pkgs.python313Packages.ansible-pylibssh
Python bindings to client functionality of libssh specific to Ansible use case
-
nixos-unstable -
- nixpkgs-unstable 1.2.2
pkgs.python313Packages.ansible-vault-rw
This project aim to R/W an ansible-vault yaml file
-
nixos-unstable -
- nixpkgs-unstable 2.1.0
pkgs.python312Packages.jinja2-ansible-filters
Jinja2 Ansible Filters
-
nixos-unstable -
- nixpkgs-unstable jinja2-ansible-filters-1.3.2
pkgs.python313Packages.jinja2-ansible-filters
Jinja2 Ansible Filters
-
nixos-unstable -
- nixpkgs-unstable jinja2-ansible-filters-1.3.2
Package maintainers
-
@robsliwi Robert Sliwinski <r@sliwi.org>
-
@HarisDotParis Haris <git@haris.paris>
-
@Melkor333 Samuel Ruprecht <samuel@ton-kunst.ch>
-
@tie Ivan Trubach <mr.trubach@icloud.com>
-
@tboerger Thomas Boerger <thomas@webhippie.de>
-
@mweinelt Martin Weinelt <hexa@darmstadt.ccc.de>
-
@sengaya Thilo Uttendorfer <tlo@sengaya.de>
-
@dawidd6 Dawid Dziurla <dawidd0811@gmail.com>
-
@geluk Johan Geluk <johan+nix@geluk.io>
-
@GaetanLepage Gaetan Lepage <gaetan@glepage.com>
-
@StillerHarpo Florian Engel <engelflorian@posteo.de>
-
@tjni Theodore Ni <43ngvg@masqt.com>
-
@TheMaxMur Maxim Muravev <muravjev.mak@yandex.ru>