Search for packages
| purl | pkg:rpm/redhat/python-openstacksdk@0.11.3-2?arch=el7ost |
| Next non-vulnerable version | None. |
| Latest non-vulnerable version | None. |
| Risk | 4.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-puq1-z5h7-pkdg
Aliases: CVE-2018-16876 GHSA-j569-fghw-f9rx PYSEC-2019-141 |
ansible before versions 2.5.14, 2.6.11, 2.7.5 is vulnerable to a information disclosure flaw in vvv+ mode with no_log on that can lead to leakage of sensible data. | There are no reported fixed by versions. |
|
VCID-rknj-nkgs-wyg2
Aliases: CVE-2018-16837 GHSA-hwrm-63v2-42g4 PYSEC-2018-44 |
Ansible "User" module leaks any data which is passed on as a parameter to ssh-keygen. This could lean in undesirable situations such as passphrases credentials passed as a parameter for the ssh-keygen executable. Showing those credentials in clear text form for every user which have access just to the process list. | There are no reported fixed by versions. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-01T14:21:47.766817+00:00 | RedHat Importer | Affected by | VCID-rknj-nkgs-wyg2 | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16837.json | 38.0.0 |
| 2026-04-01T14:21:28.103861+00:00 | RedHat Importer | Affected by | VCID-puq1-z5h7-pkdg | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16876.json | 38.0.0 |