SecuritySpace - CVE-2020-14330

Vulnerability Search		Search 324607 CVE descriptions and 146377 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2020-14330

Description: An Improper Output Neutralization for Logs flaw was found in Ansible when using the uri module, where sensitive data is exposed to content and json output. This flaw allows an attacker to access the logs or outputs of performed tasks to read keys used in playbooks from other users within the uri module. The highest threat from this vulnerability is to data confidentiality.

Test IDs: None available

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2020-14330
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14330
Debian Security Information: DSA-4950 (Google Search)
https://www.debian.org/security/2021/dsa-4950
https://github.com/ansible/ansible/issues/68400
https://github.com/ansible/ansible/issues/68400

CVE ID:	CVE-2020-14330
Description:	An Improper Output Neutralization for Logs flaw was found in Ansible when using the uri module, where sensitive data is exposed to content and json output. This flaw allows an attacker to access the logs or outputs of performed tasks to read keys used in playbooks from other users within the uri module. The highest threat from this vulnerability is to data confidentiality.
Test IDs:	None available
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2020-14330 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14330 Debian Security Information: DSA-4950 (Google Search) https://www.debian.org/security/2021/dsa-4950 https://github.com/ansible/ansible/issues/68400 https://github.com/ansible/ansible/issues/68400