vulnerability
Red Hat: CVE-2019-10156: ansible: unsafe template evaluation of returned module data can lead to information disclosure
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 6 | (AV:N/AC:L/Au:S/C:P/I:P/A:N) | Jul 30, 2019 | Jul 9, 2025 | Jul 9, 2025 |
Severity
6
CVSS
(AV:N/AC:L/Au:S/C:P/I:P/A:N)
Published
Jul 30, 2019
Added
Jul 9, 2025
Modified
Jul 9, 2025
Description
A flaw was discovered in the way Ansible templating was implemented in versions before 2.6.18, 2.7.12 and 2.8.2, causing the possibility of information disclosure through unexpected variable substitution. By taking advantage of unintended variable substitution the content of any variable may be disclosed.
Solution
no-fix-redhat-rpm-package
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.