VYPR
Medium severity5.5NVD Advisory· Published Dec 4, 2025· Updated May 20, 2026

CVE-2025-14010

CVE-2025-14010

Description

A flaw was found in ansible-collection-community-general. This vulnerability allows for information exposure (IE) of sensitive credentials, specifically plaintext passwords, via verbose output when running Ansible with debug modes. Attackers with access to logs could retrieve these secrets and potentially compromise Keycloak accounts or administrative access.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
ansiblePyPI
< 12.2.012.2.0

Affected products

9
  • cpe:2.3:a:redhat:community.general:-:*:*:*:*:*:*:*
  • Red Hat/Ceph Storagecpe-rescue4 versions
    cpe:/a:redhat:ceph_storage:5+ 3 more
    • cpe:/a:redhat:ceph_storage:5
    • cpe:/a:redhat:ceph_storage:6
    • cpe:/a:redhat:ceph_storage:7
    • cpe:/a:redhat:ceph_storage:8
  • Red Hat/Openstackcpe-rescue2 versions
    cpe:/a:redhat:openstack:17.1+ 1 more
    • cpe:/a:redhat:openstack:17.1
    • cpe:/a:redhat:openstack:18.0
  • ghsa-coords
    Range: < 12.2.0
  • ansible-collections/Ansible Community General Collectionv5
    Range: 7.1.0

Patches

Vulnerability mechanics

References

9

News mentions

0

No linked articles in our index yet.