CVE-2025-14010

Опубликовано: 04 дек. 2025

Источник: nvd

CVSS3: 5.5

EPSS Низкий

Описание

A flaw was found in ansible-collection-community-general. This vulnerability allows for information exposure (IE) of sensitive credentials, specifically plaintext passwords, via verbose output when running Ansible with debug modes. Attackers with access to logs could retrieve these secrets and potentially compromise Keycloak accounts or administrative access.

Ссылки

https://access.redhat.com/security/cve/CVE-2025-14010
Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2418774
Issue Tracking
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:redhat:community.general:-:*:*:*:*:*:*:*

EPSS

Процентиль: 2%

0.00013

Низкий

5.5 Medium

CVSS3

Дефекты

CWE-532

Связанные уязвимости

CVE-2025-14010

CVSS3: 5.5

ubuntu

2 месяца назад

CVE-2025-14010

CVSS3: 5.5

debian

2 месяца назад

A flaw was found in ansible-collection-community-general. This vulnera ...

GHSA-8ggh-xwr9-3373

CVSS3: 5.5

github

2 месяца назад

Ansible Community General Collection is vulnerable to exposure of sensitive information

EPSS

Процентиль: 2%

0.00013

Низкий

5.5 Medium

CVSS3

Дефекты

CWE-532