Medium severity5.0OSV Advisory· Published Feb 6, 2024· Updated Jun 17, 2026
CVE-2024-0690
CVE-2024-0690
Description
An information disclosure flaw was found in ansible-core due to a failure to respect the ANSIBLE_NO_LOG configuration in some scenarios. Information is still included in the output in certain tasks, such as loop items. Depending on the task, this issue may include sensitive information, such as decrypted secret values.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
ansible-corePyPI | < 2.14.14 | 2.14.14 |
ansible-corePyPI | >= 2.16.0, < 2.16.3 | 2.16.3 |
ansible-corePyPI | >= 2.15.0, < 2.15.9 | 2.15.9 |
Affected products
42- ghsa-coords41 versionspkg:pypi/ansible-corepkg:rpm/almalinux/ansible-corepkg:rpm/almalinux/ansible-testpkg:rpm/opensuse/ansible-core-2.17&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/ansible-core-2.18&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/ansible-core-2.19&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/ansible-core-2.20&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/ansible-core&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/ansible&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/dracut-saltboot&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/golang-github-prometheus-promu&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/POS_Image-Graphical7&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/POS_Image-JeOS7&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/spacecmd&distro=openSUSE%20Leap%2015.5pkg:rpm/suse/ansible&distro=SUSE%20Manager%20Client%20Tools%2015pkg:rpm/suse/ansible&distro=SUSE%20Manager%20Client%20Tools%2015-BETApkg:rpm/suse/ansible&distro=SUSE%20Manager%20Proxy%20Module%204.3pkg:rpm/suse/dracut-saltboot&distro=SUSE%20Manager%20Client%20Tools%2015pkg:rpm/suse/dracut-saltboot&distro=SUSE%20Manager%20Client%20Tools%2015-BETApkg:rpm/suse/dracut-saltboot&distro=SUSE%20Manager%20Client%20Tools%20for%20SLE%20Micro%205pkg:rpm/suse/golang-github-prometheus-node_exporter&distro=SUSE%20Manager%20Client%20Tools%20Beta%20for%20SLE%20Micro%205pkg:rpm/suse/golang-github-prometheus-promu&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP5pkg:rpm/suse/grafana&distro=SUSE%20Manager%20Client%20Tools%2015pkg:rpm/suse/grafana&distro=SUSE%20Manager%20Client%20Tools%2015-BETApkg:rpm/suse/mgr-daemon&distro=SUSE%20Manager%20Client%20Tools%2015pkg:rpm/suse/POS_Image-Graphical7&distro=SUSE%20Manager%20Client%20Tools%2015pkg:rpm/suse/POS_Image-Graphical7&distro=SUSE%20Manager%20Client%20Tools%2015-BETApkg:rpm/suse/POS_Image-JeOS7&distro=SUSE%20Manager%20Client%20Tools%2015pkg:rpm/suse/POS_Image-JeOS7&distro=SUSE%20Manager%20Client%20Tools%2015-BETApkg:rpm/suse/spacecmd&distro=SUSE%20Manager%20Client%20Tools%2015pkg:rpm/suse/spacecmd&distro=SUSE%20Manager%20Client%20Tools%2015-BETApkg:rpm/suse/spacewalk-client-tools&distro=SUSE%20Manager%20Client%20Tools%2015pkg:rpm/suse/spacewalk-client-tools&distro=SUSE%20Manager%20Client%20Tools%2015-BETApkg:rpm/suse/spacewalk-koan&distro=SUSE%20Manager%20Client%20Tools%2015pkg:rpm/suse/supportutils-plugin-susemanager-client&distro=SUSE%20Manager%20Client%20Tools%2015-BETApkg:rpm/suse/uyuni-common-libs&distro=SUSE%20Manager%20Client%20Tools%2015pkg:rpm/suse/uyuni-proxy-systemd-services&distro=SUSE%20Manager%20Client%20Tools%2015pkg:rpm/suse/uyuni-proxy-systemd-services&distro=SUSE%20Manager%20Client%20Tools%20for%20SLE%20Micro%205pkg:rpm/suse/uyuni-proxy-systemd-services&distro=SUSE%20Manager%20Proxy%20Module%204.3pkg:rpm/suse/uyuni-tools&distro=SUSE%20Manager%20Client%20Tools%2015-BETApkg:rpm/suse/uyuni-tools&distro=SUSE%20Manager%20Client%20Tools%20Beta%20for%20SLE%20Micro%205
< 2.14.14+ 40 more
- (no CPE)range: < 2.14.14
- (no CPE)range: < 1:2.14.14-1.el9
- (no CPE)range: < 1:2.14.14-1.el9
- (no CPE)range: < 2.17.6-1.1
- (no CPE)range: < 2.18.10-2.1
- (no CPE)range: < 2.19.4-1.1
- (no CPE)range: < 2.20.6-1.1
- (no CPE)range: < 2.16.9-1.1
- (no CPE)range: < 2.9.27-150000.1.17.2
- (no CPE)range: < 0.1.1710765237.46af599-150000.1.53.2
- (no CPE)range: < 0.14.0-150000.3.18.2
- (no CPE)range: < 0.1.1710765237.46af599-150000.1.21.2
- (no CPE)range: < 0.1.1710765237.46af599-150000.1.21.2
- (no CPE)range: < 4.3.27-150000.3.116.2
- (no CPE)range: < 2.9.27-150000.1.17.2
- (no CPE)range: < 2.9.27-159000.3.12.2
- (no CPE)range: < 2.9.27-150000.1.17.2
- (no CPE)range: < 0.1.1710765237.46af599-150000.1.53.2
- (no CPE)range: < 0.1.1710765237.46af599-159000.3.33.2
- (no CPE)range: < 0.1.1710765237.46af599-150000.1.53.2
- (no CPE)range: < 1.5.0-159000.6.2.1
- (no CPE)range: < 0.14.0-150000.3.18.2
- (no CPE)range: < 9.5.18-150000.1.63.2
- (no CPE)range: < 9.5.16-159000.4.30.2
- (no CPE)range: < 4.3.9-150000.1.47.2
- (no CPE)range: < 0.1.1710765237.46af599-150000.1.21.2
- (no CPE)range: < 0.1.1710765237.46af599-159000.3.24.2
- (no CPE)range: < 0.1.1710765237.46af599-150000.1.21.2
- (no CPE)range: < 0.1.1710765237.46af599-159000.3.24.2
- (no CPE)range: < 4.3.27-150000.3.116.2
- (no CPE)range: < 5.0.5-159000.6.48.2
- (no CPE)range: < 4.3.19-150000.3.89.2
- (no CPE)range: < 5.0.4-159000.6.54.2
- (no CPE)range: < 4.3.6-150000.3.33.2
- (no CPE)range: < 5.0.3-159000.6.21.2
- (no CPE)range: < 4.3.10-150000.1.39.2
- (no CPE)range: < 4.3.12-150000.1.21.2
- (no CPE)range: < 4.3.12-150000.1.21.2
- (no CPE)range: < 4.3.12-150000.1.21.2
- (no CPE)range: < 0.1.7-159000.3.8.1
- (no CPE)range: < 0.1.7-159000.3.8.1
Patches
Vulnerability mechanics
References
19- github.com/ansible/ansible/pull/82565nvdIssue TrackingPatchWEB
- access.redhat.com/errata/RHSA-2024:0733nvdVendor AdvisoryWEB
- access.redhat.com/security/cve/CVE-2024-0690nvdVendor AdvisoryWEB
- github.com/advisories/GHSA-h24r-m9qc-pvpgghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2024-0690ghsaADVISORY
- access.redhat.com/errata/RHSA-2024:2246nvdWEB
- access.redhat.com/errata/RHSA-2024:3043nvdWEB
- bugzilla.redhat.com/show_bug.cginvdIssue TrackingWEB
- github.com/ansible/ansible/commit/6935c8e303440addd3871ecf8e04bde61080b032ghsaWEB
- github.com/ansible/ansible/commit/78db3a3de6b40fb52d216685ae7cb903c609c3e1ghsaWEB
- github.com/ansible/ansible/commit/b9a03bbf5a63459468baf8895ff74a62e9be4532ghsaWEB
- github.com/ansible/ansible/commit/beb04bc2642c208447c5a936f94310528a1946b1ghsaWEB
- github.com/pypa/advisory-database/tree/main/vulns/ansible-core/PYSEC-2024-36.yamlghsaWEB
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IZQGCRDSZL7ONCULMB6ZUHOE4L44KIBPghsaWEB
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VDYSWOCPZMNRU5LWKIEBW4WGWLMTU7WQghsaWEB
- security.netapp.com/advisory/ntap-20250117-0001ghsaWEB
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IZQGCRDSZL7ONCULMB6ZUHOE4L44KIBP/nvd
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VDYSWOCPZMNRU5LWKIEBW4WGWLMTU7WQ/nvd
- security.netapp.com/advisory/ntap-20250117-0001/nvd
News mentions
0No linked articles in our index yet.