DEBIAN-CVE-2020-1739

See a problem?
Please try reporting it to the source first.

Source

https://security-tracker.debian.org/tracker/DEBIAN-CVE-2020-1739

Import Source

https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2020-1739.json

JSON Data

https://api.test.osv.dev/v1/vulns/DEBIAN-CVE-2020-1739

Upstream

CVE-2020-1739

Published

2020-03-12T18:15:12Z

Modified

2025-09-19T06:05:53Z

Summary

[none]

Details

A flaw was found in Ansible 2.7.16 and prior, 2.8.8 and prior, and 2.9.5 and prior when a password is set with the argument "password" of svn module, it is used on svn command line, disclosing to other users within the same node. An attacker could take advantage by reading the cmdline file from that particular PID on the procfs.

References

https://security-tracker.debian.org/tracker/CVE-2020-1739

Affected packages

Debian:11 / ansible

Package

Name: ansible
Purl: pkg:deb/debian/ansible?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.9.7+dfsg-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / ansible

Package

Name: ansible
Purl: pkg:deb/debian/ansible?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.9.7+dfsg-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / ansible

Package

Name: ansible
Purl: pkg:deb/debian/ansible?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.9.7+dfsg-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:14 / ansible

Package

Name: ansible
Purl: pkg:deb/debian/ansible?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.9.7+dfsg-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}