MGASA-2017-0399

Advisory lineage Upstream: 1 Downstream: 0

Upstream

CVE-2017-7550

Published: 02 Nov 2017, 21:47

Last modified:16 Apr 2026, 06:25

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

02 Nov 2017, 21:47

Published

Vulnerability first disclosed

16 Apr 2026, 06:25

Last Modified

Vulnerability information updated

Description

Updated ansible package fixes security vulnerability A flaw was found in the way Ansible passed certain parameters to the jenkins_plugin module. A remote attacker could use this flaw to expose sensitive information from a remote host's logs. This flaw was fixed by not allowing passwords to be specified in the "params" argument, and noting this in the module documentation (CVE-2017-7550). The ansible package has been updated to version 2.4.1 to fix this issue and several other bugs.

Affected Systems

mageia•ansible
< 2.4.1.0-1.1.mga5
mageia•ansible
< 2.4.1.0-1.1.mga6

MGASA-2017-0399

Vulnerability Summary

Timeline

Description

Affected Systems

References (4)