Back to bug 1856815
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Borja Tarraso | 2020-07-14 14:08:44 UTC | Depends On | 1856819 | |
| Guilherme de Almeida Suckevicz | 2020-07-14 17:57:18 UTC | Summary | Ansible: masked keys for uri module are exposed into content and json output | CVE-2020-14330 Ansible: masked keys for uri module are exposed into content and json output |
| Alias | CVE-2020-14330 | |||
| Borja Tarraso | 2020-07-15 11:14:00 UTC | CC | a.badger, cmeyers, dbecker, gblomqui, gmainwar, hvyas, jjoyce, jschluet, kbasil, kevin, lhh, lpeer, mabashia, maxim, mburns, notting, pcahyna, puebele, rhos-maint, rpetrell, sclewis, slinaber, smcdonal, tvignaud, vbellur | |
| Borja Tarraso | 2020-07-15 11:14:35 UTC | Depends On | 1857185, 1857186 | |
| Borja Tarraso | 2020-07-22 09:24:28 UTC | Depends On | 1859484 | |
| Borja Tarraso | 2020-07-22 11:03:18 UTC | Depends On | 1859536 | |
| Hardik Vyas | 2020-07-23 06:59:37 UTC | Depends On | 1859843 | |
| Hardik Vyas | 2020-07-23 11:27:30 UTC | Comment | 9 | updated |
| Hardik Vyas | 2020-07-23 11:29:00 UTC | Doc Type | --- | If docs needed, set a value |
| Nick Tait | 2020-08-08 22:39:13 UTC | Depends On | 1867337 | |
| Borja Tarraso | 2020-08-11 06:37:08 UTC | Depends On | 1867882, 1867883 | |
| Rick Elrod | 2020-08-11 07:57:56 UTC | Status | NEW | VERIFIED |
| RaTasha Tillery-Smith | 2020-08-12 17:06:33 UTC | Doc Text | An Improper Output Neutralization for Logs flaw was found in Ansible when using the uri module. A sensitive data could be exposed into content and json output. An attacker which has access to the logs or outputs of performed tasks and could be able to read keys used in playbooks from other users within uri module. The highest threat from this vulnerability is to data confidentiality. | An Improper Output Neutralization for Logs flaw was found in Ansible when using the uri module, where sensitive data is exposed to content and json output. This flaw allows an attacker to access the logs or outputs of performed tasks to read keys used in playbooks from other users within the uri module. The highest threat from this vulnerability is to data confidentiality. |
| PnT Account Manager | 2020-09-10 21:21:15 UTC | CC | vbellur | |
| Borja Tarraso | 2020-10-05 08:51:48 UTC | Fixed In Version | ansible-engine 2.10.0 | ansible-base 2.10.0 |
| Borja Tarraso | 2020-10-05 15:34:29 UTC | Fixed In Version | ansible-base 2.10.0 | ansible-engine 2.9.13 |
| Borja Tarraso | 2020-10-05 15:37:31 UTC | Fixed In Version | ansible-engine 2.9.13 | ansible-engine 2.9.12 |
| Borja Tarraso | 2020-10-13 08:49:08 UTC | Depends On | 1874346 | |
| Borja Tarraso | 2020-10-13 08:50:35 UTC | Depends On | 1874348 | |
| Borja Tarraso | 2020-10-13 08:51:25 UTC | Depends On | 1874350 | |
| Red Hat Bugzilla | 2021-01-26 11:47:14 UTC | CC | gmainwar | |
| Red Hat Bugzilla | 2021-02-02 14:01:03 UTC | CC | jtanner | |
| Red Hat Bugzilla | 2021-04-20 07:45:13 UTC | CC | rpetrell | |
| Red Hat Bugzilla | 2021-06-22 00:26:45 UTC | CC | dbecker | |
| Red Hat Bugzilla | 2021-07-01 12:31:00 UTC | CC | puebele | |
| Lon Hohberger | 2021-07-09 17:18:12 UTC | CC | rhos-maint | |
| Red Hat Bugzilla | 2021-11-02 15:42:16 UTC | CC | notting | |
| Red Hat Bugzilla | 2021-12-15 11:50:54 UTC | CC | cmeyers | |
| Red Hat Bugzilla | 2021-12-20 17:33:31 UTC | CC | sdoran | |
| Michael Kaplan | 2022-10-02 21:47:37 UTC | CC | adudiak, stcannon, tfister | |
| Red Hat Bugzilla | 2023-07-07 08:30:10 UTC | Assignee | security-response-team | nobody |
Back to bug 1856815