VYPR
High severityNVD Advisory· Published Oct 23, 2018· Updated Aug 5, 2024

CVE-2018-16837

CVE-2018-16837

Description

Ansible "User" module leaks any data which is passed on as a parameter to ssh-keygen. This could lean in undesirable situations such as passphrases credentials passed as a parameter for the ssh-keygen executable. Showing those credentials in clear text form for every user which have access just to the process list.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
ansiblePyPI
>= 2.7.0a1, < 2.7.12.7.1
ansiblePyPI
>= 2.6.0a1, < 2.6.72.6.7
ansiblePyPI
< 2.5.112.5.11

Affected products

151

Patches

Vulnerability mechanics

References

27

News mentions

0

No linked articles in our index yet.