Search for packages
| purl | pkg:pypi/ansible@2.6.0.dev0 |
| Tags | Ghost |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-r6bb-p28b-8fcn
Aliases: CVE-2018-16859 GHSA-v735-2pp6-h86r PYSEC-2018-60 |
Execution of Ansible playbooks on Windows platforms with PowerShell ScriptBlock logging and Module logging enabled can allow for 'become' passwords to appear in EventLogs in plaintext. A local user with administrator privileges on the machine can view these logs and discover the plaintext password. Ansible Engine 2.8 and older are believed to be vulnerable. |
Affected by 39 other vulnerabilities.
This version is affected by these other vulnerabilities:
Affected by 38 other vulnerabilities.
This version is affected by these other vulnerabilities:
Affected by 45 other vulnerabilities.
This version is affected by these other vulnerabilities:
Affected by 44 other vulnerabilities.
This version is affected by these other vulnerabilities:
Affected by 44 other vulnerabilities.
This version is affected by these other vulnerabilities:
|
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-01T12:48:10.032280+00:00 | GitLab Importer | Affected by | VCID-r6bb-p28b-8fcn | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/ansible/CVE-2018-16859.yml | 38.0.0 |