[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-OPENSUSE-SU-2020:0523-1":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":30,"duplicates":31,"related":32,"reserved_at":9,"published_at":41,"modified_at":42,"state":9,"summary":43,"references_raw":45,"kevs":126,"epss":9,"epss_history":127,"metrics":128,"affected":129},"OPENSUSE-SU-2020:0523-1","Security update for ansible\n\nThis update for ansible to version 2.9.6 fixes the following issues:\n\nSecurity issues fixed:\n\n- CVE-2019-14904: Fixed a vulnerability in solaris_zone module via crafted solaris zone (boo#1157968).\n- CVE-2019-14905: Fixed an issue where malicious code could craft filename in nxos_file_copy module (boo#1157969).\n- CVE-2019-14864: Fixed Splunk and Sumologic callback plugins leak sensitive data in logs (boo#1154830).\n- CVE-2019-14846: Fixed secrets disclosure on logs due to display is hardcoded to DEBUG level (boo#1153452)\n- CVE-2019-14856: Fixed insufficient fix for CVE-2019-10206 (boo#1154232)\n- CVE-2019-14858: Fixed data in the sub parameter fields that will not be masked\n  and will be displayed when run with increased verbosity (boo#1154231) \n- CVE-2019-10206: ansible-playbook -k and ansible cli tools prompt passwords by\n  expanding them from templates as they could contain special characters. \n  Passwords should be wrapped to prevent templates trigger and exposing them. (boo#1142690)\n- CVE-2019-10217: Fields managing sensitive data should be set as such by no_log\n  feature. Some of these fields in GCP modules are not set properly. \n  service_account_contents() which is common class for all gcp modules is not \n  setting no_log to True. Any sensitive data managed by that function would be \n  leak as an output when running ansible playbooks. (boo#1144453)\n\nThis update was imported from the openSUSE:Leap:15.1:Update update project.",null,[],[],[],[14,16,18,20,22,24,26,28],{"_key":15},"CVE-2019-10206",{"_key":17},"CVE-2019-10217",{"_key":19},"CVE-2019-14846",{"_key":21},"CVE-2019-14856",{"_key":23},"CVE-2019-14858",{"_key":25},"CVE-2019-14864",{"_key":27},"CVE-2019-14904",{"_key":29},"CVE-2019-14905",[],[],[33,34,35,36,37,38,39,40],{"_key":15},{"_key":17},{"_key":19},{"_key":21},{"_key":23},{"_key":25},{"_key":27},{"_key":29},"2020-04-16T04:12:24Z","2026-02-04T02:28:08.545906Z",{"cisa_kev":44,"cisa_ransomware":44,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[46,52,57,61,65,69,73,77,81,85,89,93,98,102,106,110,114,118,122],{"url":47,"sources":48,"tags":50},"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/3SH4AT6KRZ24IXOK2Y7INQZBHCB55MT7/",[49],"osv_suse",[51],"Advisory",{"url":53,"sources":54,"tags":55},"https://bugzilla.suse.com/1137479",[49],[56],"REPORT",{"url":58,"sources":59,"tags":60},"https://bugzilla.suse.com/1142542",[49],[56],{"url":62,"sources":63,"tags":64},"https://bugzilla.suse.com/1142690",[49],[56],{"url":66,"sources":67,"tags":68},"https://bugzilla.suse.com/1144453",[49],[56],{"url":70,"sources":71,"tags":72},"https://bugzilla.suse.com/1153452",[49],[56],{"url":74,"sources":75,"tags":76},"https://bugzilla.suse.com/1154231",[49],[56],{"url":78,"sources":79,"tags":80},"https://bugzilla.suse.com/1154232",[49],[56],{"url":82,"sources":83,"tags":84},"https://bugzilla.suse.com/1154830",[49],[56],{"url":86,"sources":87,"tags":88},"https://bugzilla.suse.com/1157968",[49],[56],{"url":90,"sources":91,"tags":92},"https://bugzilla.suse.com/1157969",[49],[56],{"url":94,"sources":95,"tags":96},"https://www.suse.com/security/cve/CVE-2019-10206",[49],[97],"WEB",{"url":99,"sources":100,"tags":101},"https://www.suse.com/security/cve/CVE-2019-10217",[49],[97],{"url":103,"sources":104,"tags":105},"https://www.suse.com/security/cve/CVE-2019-14846",[49],[97],{"url":107,"sources":108,"tags":109},"https://www.suse.com/security/cve/CVE-2019-14856",[49],[97],{"url":111,"sources":112,"tags":113},"https://www.suse.com/security/cve/CVE-2019-14858",[49],[97],{"url":115,"sources":116,"tags":117},"https://www.suse.com/security/cve/CVE-2019-14864",[49],[97],{"url":119,"sources":120,"tags":121},"https://www.suse.com/security/cve/CVE-2019-14904",[49],[97],{"url":123,"sources":124,"tags":125},"https://www.suse.com/security/cve/CVE-2019-14905",[49],[97],[],[],[],[130],{"ecosystem":131,"name":132,"vendor":133,"product":134,"cpe_part":9,"purl_type":135,"purl_namespace":133,"purl_name":134,"source":9,"versions":136},"SUSE Linux Enterprise","ansible","suse","ansible&distro=SUSE Package Hub 15 SP1","rpm",[137],{"version":138,"is_range":139,"range_type":140,"version_start":9,"version_start_type":9,"version_end":141,"version_end_type":142,"fixed_in":9},"lt2_9_6_bp151_3_6_1",true,"ecosystem","2.9.6-bp151.3.6.1","excluding"]