VYPR
Medium severity5.5NVD Advisory· Published Mar 16, 2022· Updated Jun 17, 2026

CVE-2021-20180

CVE-2021-20180

Description

A flaw was found in ansible module where credentials are disclosed in the console log by default and not protected by the security feature when using the bitbucket_pipeline_variable module. This flaw allows an attacker to steal bitbucket_pipeline credentials. The highest threat from this vulnerability is to confidentiality.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
ansiblePyPI
>= 2.8.0a1, < 2.8.192.8.19
ansiblePyPI
>= 2.9.0b1, < 2.9.182.9.18

Affected products

79

Patches

Vulnerability mechanics

References

9

News mentions

0

No linked articles in our index yet.