Your submission was sent successfully! Close

CVE-2020-25635

Published: 5 October 2020

A flaw was found in Ansible Base when using the aws_ssm connection plugin as garbage collector is not happening after playbook run is completed. Files would remain in the bucket exposing the data. This issue affects directly data confidentiality.

Priority

Low

CVSS 3 base score: 5.5

Status

Package Release Status
ansible
Launchpad, Ubuntu, Debian
bionic Needs triage

focal Needs triage

groovy Ignored
(reached end-of-life)
hirsute Ignored
(reached end-of-life)
impish Needs triage

jammy Needs triage

precise Does not exist

trusty Needs triage

upstream Not vulnerable
(debian: Vulnerable connection/aws_ssm plugin not included)
xenial Ignored
(end of standard support, was needs-triage)