VYPR
High severity7.8NVD Advisory· Published Oct 8, 2019· Updated Jun 17, 2026

CVE-2019-14846

CVE-2019-14846

Description

In Ansible, all Ansible Engine versions up to ansible-engine 2.8.5, ansible-engine 2.7.13, ansible-engine 2.6.19, were logging at the DEBUG level which lead to a disclosure of credentials if a plugin used a library that logged credentials at the DEBUG level. This flaw does not affect Ansible modules, as those are executed in a separate process.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
ansiblePyPI
< 2.6.202.6.20
ansiblePyPI
>= 2.7.0a1, < 2.7.142.7.14
ansiblePyPI
>= 2.8.0a1, < 2.8.62.8.6

Affected products

149

Patches

Vulnerability mechanics

References

18

News mentions

0

No linked articles in our index yet.