{"id":"PYSEC-2019-73","details":"A flaw was found in ansible 2.8.0 before 2.8.4. Fields managing sensitive data should be set as such by no_log feature. Some of these fields in GCP modules are not set properly. service_account_contents() which is common class for all gcp modules is not setting no_log to True. Any sensitive data managed by that function would be leak as an output when running ansible playbooks.","modified":"2023-03-14T07:01:09.380818Z","published":"2019-11-25T16:15:00Z","withdrawn":"2023-03-14T07:01:09.380818Z","references":[{"type":"WEB","url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10217"},{"type":"WEB","url":"https://github.com/ansible/ansible/issues/56269"},{"type":"WEB","url":"https://github.com/ansible/ansible/pull/59427"},{"type":"WEB","url":"http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00021.html"},{"type":"WEB","url":"http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00026.html"}],"affected":[{"package":{"name":"ansible","ecosystem":"PyPI","purl":"pkg:pypi/ansible"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"2.8.0"},{"fixed":"2.8.4"}]}],"versions":["2.8.0","2.8.1","2.8.2","2.8.3"],"database_specific":{"source":"https://github.com/pypa/advisory-database/blob/main/vulns/ansible/PYSEC-2019-73.yaml"}}],"schema_version":"1.7.3"}