Ralbono

#38773 of 53,635
7.1 total CVSS
Vulnerabilities · 1
PT-2019-11640
7.1
2019-11-25
Red Hat · Ansible · CVE-2019-10217
Name of the Vulnerable Software and Affected Versions: ansible versions 2.8.0 through 2.8.3

Description: A flaw was found in the way sensitive data is handled. Fields managing sensitive data should be set as such by the `no_log` feature. However, some fields in GCP modules are not set properly. The `service_account_contents()` function, which is a common class for all GCP modules, is not setting `no_log` to True. As a result, any sensitive data managed by that function would be leaked as an output when running ansible playbooks.

Recommendations: For ansible versions 2.8.0 through 2.8.3, consider setting the `no_log` feature to True for fields managing sensitive data in GCP modules to prevent sensitive data leakage. As a temporary workaround, consider modifying the `service_account_contents()` function to set `no_log` to True until a patch is available.