{"id":"CVE-2016-8647","details":"An input validation vulnerability was found in Ansible's mysql_user module before 2.2.1.0, which may fail to correctly change a password in certain circumstances. Thus the previous password would still be active when it should have been changed.","aliases":["GHSA-x4cm-m36h-c6qj","PYSEC-2018-58"],"modified":"2026-04-16T06:19:30.077207648Z","published":"2018-07-26T14:29:00.267Z","related":["SUSE-SU-2020:3309-1","SUSE-SU-2024:1427-1","SUSE-SU-2024:1509-1"],"references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2017:1685"},{"type":"ADVISORY","url":"https://github.com/ansible/ansible-modules-core/pull/5388"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8647"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/ansible/ansible","events":[{"introduced":"0"},{"fixed":"53629100006d1d8eebe3447235f8b4bf048a3dc0"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"2.2.1.0"}]}}],"versions":["0.0.1","0.01","0.3","0.7","v1.0","v1.1","v1.2","v1.4.0","v1.6.0","v2.0.0-0.1.alpha1","v2.0.0-0.2.alpha2","v2.0.0-0.3.beta1","v2.0.0-0.4.beta2","v2.0.0-0.5.beta3","v2.2.0.0-0.1.rc1","v2.2.0.0-0.2.rc2","v2.2.0.0-0.3.rc3","v2.2.0.0-0.4.rc4","v2.2.0.0-1","v2.2.1.0-0.1.rc1","v2.2.1.0-0.2.rc2","v2.2.1.0-0.3.rc3","v2.2.1.0-0.4.rc4","v2.2.1.0-0.5.rc5"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-8647.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"4.1"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N"}]}