CVE-2025-2877
MEDIUMDescription
A flaw was found in the Ansible Automation Platform's Event-Driven Ansible. In configurations where verbosity is set to "debug", inventory passwords are exposed in plain text when starting a rulebook activation. This issue exists for any "debug" action in a rulebook and also affects Event Streams.
CVSS v3.1 Score
Weakness Type (CWE)
References
Frequently Asked Questions
What is CVE-2025-2877? +
How severe is CVE-2025-2877? +
How do I check if I'm vulnerable to CVE-2025-2877? +
Related Vulnerabilities
This vulnerability exists in Meon KYC solutions due to debug mode is enabled in certain API endpoints. A remote attacker …
Backpropagate is a Python library for fine-tuning large language models on a single GPU. In versions 1.1.0 and 1.1.1, the …
ai-client-html is an Aimeos e-commerce HTML client component. Debug information revealed sensitive information from environment variables in error log. This …
C300 information leak due to an analysis feature which allows extracting more memory over the network than required by the …
Debug Messages Revealing Unnecessary Information vulnerability in TLA Media GTM Kit gtm-kit allows Retrieve Embedded Sensitive Data.This issue affects GTM …
Apache Airflow versions before 2.10.3 contain a vulnerability that could expose sensitive configuration variables in task logs. This vulnerability allows …