VulnerableCode Vulnerability Details - VCID-8jka-a46m-vbhv

Search for vulnerabilities

Vulnerability details: VCID-8jka-a46m-vbhv

Essentials
Severities (0)
References (5)
Severity details (0)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-8jka-a46m-vbhv
Aliases	PYSEC-2019-73
Summary	A flaw was found in ansible 2.8.0 before 2.8.4. Fields managing sensitive data should be set as such by no_log feature. Some of these fields in GCP modules are not set properly. service_account_contents() which is common class for all gcp modules is not setting no_log to True. Any sensitive data managed by that function would be leak as an output when running ansible playbooks.
Status	Published
Exploitability	0.5
Weighted Severity	0.0
Risk	None
Affected and Fixed Packages	Package Details

Weaknesses (0)

There are no known CWE.

System	Score	Found at
There are no known severity scores.

Reference id	Reference type	URL
		http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00021.html
		http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00026.html
		https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10217
		https://github.com/ansible/ansible/issues/56269
		https://github.com/ansible/ansible/pull/59427

No exploits are available.

There are no known vectors.

No EPSS data available for this vulnerability.

Date	Actor	Action	Source	VulnerableCode Version
2025-08-01T08:34:56.913351+00:00	PyPI Importer	Import	https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip	37.0.0