VulnerableCode Vulnerability Details - VCID-859q-9yzd-j3de

Search for vulnerabilities

Vulnerability details: VCID-859q-9yzd-j3de

Essentials
Severities (0)
References (5)
Severity details (0)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-859q-9yzd-j3de
Aliases	PYSEC-2020-179
Summary	Ansible, versions 2.9.x before 2.9.1, 2.8.x before 2.8.7 and Ansible versions 2.7.x before 2.7.15, is not respecting the flag no_log set it to True when Sumologic and Splunk callback plugins are used send tasks results events to collectors. This would discloses and collects any sensitive data.
Status	Published
Exploitability	0.5
Weighted Severity	0.0
Risk	None
Affected and Fixed Packages	Package Details

Weaknesses (0)

There are no known CWE.

System	Score	Found at
There are no known severity scores.

Reference id	Reference type	URL
		http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00021.html
		http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00026.html
		https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14864
		https://github.com/ansible/ansible/issues/63522
		https://github.com/ansible/ansible/pull/63527

No exploits are available.

There are no known vectors.

No EPSS data available for this vulnerability.

Date	Actor	Action	Source	VulnerableCode Version
2025-08-01T08:35:05.315317+00:00	PyPI Importer	Import	https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip	37.0.0