MGASA-2019-0023

Advisory lineage Upstream: 1 Downstream: 0

Upstream

CVE-2018-16876

Published: 08 Jan 2019, 21:50

Last modified:16 Apr 2026, 06:24

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

08 Jan 2019, 21:50

Published

Vulnerability first disclosed

16 Apr 2026, 06:24

Last Modified

Vulnerability information updated

Description

Updated ansible package fixes security vulnerability It was found that when a retry task in ansible run with -vvv fails, it will log the raw return code, stdout and stderr from ssh which could have contained sensitive data (CVE-2018-16876).

Affected Systems

mageia•ansible
< 2.4.6.0-1.2.mga6

References (3)

https://advisories.mageia.org/MGASA-2019-0023.html
https://bugs.mageia.org/show_bug.cgi?id=24065
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/ZDHLHZ5V5K5AKBTGPLGFTPK3YNSOC4FY/