{"id":"CVE-2020-25635","details":"A flaw was found in Ansible Base when using the aws_ssm connection plugin as garbage collector is not happening after playbook run is completed. Files would remain in the bucket exposing the data. This issue affects directly data confidentiality.","aliases":["GHSA-f556-49jc-4rvc","PYSEC-2020-220"],"modified":"2026-04-10T04:25:12.377272Z","published":"2020-10-05T14:15:13.217Z","references":[{"type":"ADVISORY","url":"https://github.com/ansible-collections/community.aws/issues/222"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-25635"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/ansible/ansible","events":[{"introduced":"0"},{"last_affected":"0e68601002de5e4e0b06dde6a8f737ebd3312349"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"2.10.1-rc2"}]}}],"versions":["0.0.1","0.01","0.3","0.7","pre-ansible-base","stable-2.10-branchpoint","stable-2.9-branchpoint","v1.0","v1.1","v1.2","v1.4.0","v1.6.0","v2.0.0-0.1.alpha1","v2.0.0-0.2.alpha2","v2.0.0-0.3.beta1","v2.0.0-0.4.beta2","v2.0.0-0.5.beta3","v2.10.0","v2.10.0b1","v2.10.0rc1","v2.10.0rc2","v2.10.0rc3","v2.10.0rc4","v2.10.1rc2","v2.6.0a1","v2.7.0.a1","v2.8.0a1"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-25635.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}]}