CVE-2025-14010

MEDIUM

community.general - Sensitive Credential Exposure via Verbose Debug Output

Title source: llm

Description

A flaw was found in ansible-collection-community-general. This vulnerability allows for information exposure (IE) of sensitive credentials, specifically plaintext passwords, via verbose output when running Ansible with debug modes. Attackers with access to logs could retrieve these secrets and potentially compromise Keycloak accounts or administrative access.

References (5)

Core 5

Core References

Vendor Advisory vdb-entry x_refsource_redhat

https://access.redhat.com/security/cve/CVE-2025-14010

Issue Tracking, Vendor Advisory issue-tracking x_refsource_redhat

https://bugzilla.redhat.com/show_bug.cgi?id=2418774

https://github.com/ansible-collections/community.general/issues/11000

https://github.com/ansible-collections/community.general/pull/11005

https://github.com/ansible-community/ansible-build-data/blob/main/12/CHANGELOG-v12.md#security-fixes

View Writeup ZIP pw:eip

Scores

CVSS v3 5.5

EPSS 0.0011

EPSS Percentile 1.8%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact partial

Details

CWE

CWE-532

Status published

Products (12)

ansible-collections/Ansible Community General Collection 10.0.0 - 10.7.6

ansible-collections/Ansible Community General Collection 11.0.0 - 11.4.1

ansible-collections/Ansible Community General Collection 12.0.0 - 12.2.0

ansible-collections/Ansible Community General Collection 7.1.0 - 9.5.13

pypi/ansible 0 - 12.2.0PyPI

Red Hat/Red Hat Ceph Storage 5

Red Hat/Red Hat Ceph Storage 6

Red Hat/Red Hat Ceph Storage 7

Red Hat/Red Hat Ceph Storage 8

Red Hat/Red Hat OpenStack Platform 17.1

... and 2 more

Published Dec 04, 2025

Tracked Since Feb 18, 2026