{"id":"CVE-2020-1739","details":"A flaw was found in Ansible 2.7.16 and prior, 2.8.8 and prior, and 2.9.5 and prior when a password is set with the argument \"password\" of svn module, it is used on svn command line, disclosing to other users within the same node. An attacker could take advantage by reading the cmdline file from that particular PID on the procfs.","aliases":["GHSA-923p-fr2c-g5m2","PYSEC-2020-11"],"modified":"2026-05-15T12:04:05.225511270Z","published":"2020-03-12T18:15:12.337Z","related":["SUSE-SU-2020:3309-1","openSUSE-SU-2022:0081-1","openSUSE-SU-2024:10615-1","openSUSE-SU-2024:14244-1","openSUSE-SU-2024:14536-1","openSUSE-SU-2025:15605-1","openSUSE-SU-2025:15753-1"],"database_specific":{"unresolved_ranges":[{"cpes":["cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*","cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"],"extracted_events":[{"last_affected":"8.0"},{"last_affected":"10.0"}],"vendor_product":"debian:debian_linux","source":"CPE_FIELD"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"30"},{"last_affected":"31"},{"last_affected":"32"}],"vendor_product":"fedoraproject:fedora","cpes":["cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*","cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*"]},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"3.3.4"},{"introduced":"3.4.0"},{"last_affected":"3.4.5"},{"introduced":"3.5.0"},{"last_affected":"3.5.5"},{"introduced":"3.6.0"},{"last_affected":"3.6.3"}],"vendor_product":"redhat:ansible_tower","cpes":["cpe:2.3:a:redhat:ansible_tower:*:*:*:*:*:*:*:*"]},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"5.0"}],"vendor_product":"redhat:cloudforms_management_engine","cpes":["cpe:2.3:a:redhat:cloudforms_management_engine:5.0:*:*:*:*:*:*:*"]},{"cpes":["cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*"],"extracted_events":[{"last_affected":"13"}],"vendor_product":"redhat:openstack","source":"CPE_FIELD"}]},"references":[{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FWDK3QUVBULS3Q3PQTGEKUQYPSNOU5M3/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QT27K5ZRGDPCH7GT3DRI3LO4IVDVQUB7/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U3IMV3XEIUXL6S4KPLYYM4TVJQ2VNEP2/"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2020/05/msg00005.html"},{"type":"ADVISORY","url":"https://www.debian.org/security/2021/dsa-4950"},{"type":"REPORT","url":"https://github.com/ansible/ansible/issues/67797"},{"type":"FIX","url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1739"}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N"}]}