VYPR
Medium severity5.5NVD Advisory· Published May 26, 2021· Updated Jun 17, 2026

CVE-2021-20191

CVE-2021-20191

Description

A flaw was found in ansible. Credentials, such as secrets, are being disclosed in console log by default and not protected by no_log feature when using those modules. An attacker can take advantage of this information to steal those credentials. The highest threat from this vulnerability is to data confidentiality. Versions before ansible 2.9.18 are affected.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
ansiblePyPI
>= 2.9.0a1, < 2.9.18rc12.9.18rc1
ansiblePyPI
< 2.8.19rc12.8.19rc1
ansiblePyPI
>= 2.10.0a1, < 2.10.72.10.7

Affected products

79

Patches

Vulnerability mechanics

References

10

News mentions

0

No linked articles in our index yet.