Medium severity5.5NVD Advisory· Published Dec 4, 2025· Updated May 20, 2026
CVE-2025-14010
CVE-2025-14010
Description
A flaw was found in ansible-collection-community-general. This vulnerability allows for information exposure (IE) of sensitive credentials, specifically plaintext passwords, via verbose output when running Ansible with debug modes. Attackers with access to logs could retrieve these secrets and potentially compromise Keycloak accounts or administrative access.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
ansiblePyPI | < 12.2.0 | 12.2.0 |
Affected products
9- cpe:2.3:a:redhat:community.general:-:*:*:*:*:*:*:*
cpe:/a:redhat:ceph_storage:5+ 3 more
- cpe:/a:redhat:ceph_storage:5
- cpe:/a:redhat:ceph_storage:6
- cpe:/a:redhat:ceph_storage:7
- cpe:/a:redhat:ceph_storage:8
- ansible-collections/Ansible Community General Collectionv5Range: 7.1.0
Patches
Vulnerability mechanics
References
9- access.redhat.com/security/cve/CVE-2025-14010nvdVendor AdvisoryWEB
- bugzilla.redhat.com/show_bug.cginvdIssue TrackingVendor AdvisoryWEB
- github.com/advisories/GHSA-8ggh-xwr9-3373ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2025-14010ghsaADVISORY
- github.com/ansible-collections/community.general/commit/08e56bbb9b57740a879d3057d84cdb02a162b840ghsaWEB
- github.com/ansible-collections/community.general/issues/11000nvdWEB
- github.com/ansible-community/ansible-build-data/blob/12.2.0/12/CHANGELOG-v12.mdghsaWEB
- github.com/ansible-collections/community.general/pull/11005nvd
- github.com/ansible-community/ansible-build-data/blob/main/12/CHANGELOG-v12.mdnvd
News mentions
0No linked articles in our index yet.