Moderate severityNVD Advisory· Published Oct 5, 2020· Updated Aug 4, 2024
CVE-2020-25635
CVE-2020-25635
Description
A flaw was found in Ansible Base when using the aws_ssm connection plugin as garbage collector is not happening after playbook run is completed. Files would remain in the bucket exposing the data. This issue affects directly data confidentiality.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
ansiblePyPI | < 2.10.1 | 2.10.1 |
Affected products
2- AWS Community/Community Collectionsv5Range: from 1.0.0 to 1.2.0
Patches
Vulnerability mechanics
References
6- github.com/advisories/GHSA-f556-49jc-4rvcghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2020-25635ghsaADVISORY
- bugzilla.redhat.com/show_bug.cgighsax_refsource_CONFIRMWEB
- github.com/ansible-collections/community.aws/issues/222ghsax_refsource_MISCWEB
- github.com/ansible-collections/community.aws/pull/237ghsaWEB
- github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2020-220.yamlghsaWEB
News mentions
0No linked articles in our index yet.