CVE-2016-8628

🗓️ 31 Jul 2018 20:00:00Reported by Debian Security Bug TrackerType

debiancve

debiancve🔗 security-tracker.debian.org👁 28 Views

Ansible v2.2.0 fact variable sanitizatio

Reporter	Title	Published	Views	Family All 52
CNVD	Ansible Remote Command Injection Vulnerability	8 Nov 201600:00	–	cnvd
CVE	CVE-2016-8628	31 Jul 201820:00	–	cve
Cvelist	CVE-2016-8628	31 Jul 201820:00	–	cvelist
EUVD	EUVD-2018-0011	7 Oct 202500:30	–	euvd
Fedora	[SECURITY] Fedora 24 Update: ansible-2.2.0.0-3.fc24	7 Nov 201623:35	–	fedora
Fedora	[SECURITY] Fedora 25 Update: ansible-2.2.0.0-3.fc25	19 Nov 201622:01	–	fedora
Tenable Nessus	Fedora 24 : ansible (2016-3113e71193)	8 Nov 201600:00	–	nessus
Tenable Nessus	Fedora 25 : ansible (2016-3ccb098630)	21 Nov 201600:00	–	nessus
Tenable Nessus	openSUSE Security Update : ansible (openSUSE-2017-1259)	13 Nov 201700:00	–	nessus
Tenable Nessus	RHEL 7 : atomic-openshift-utils (RHSA-2016:2778)	4 Dec 201800:00	–	nessus

OS	OS Version	Architecture	Package	Package Version	Filename
Debian	11	any	ansible	2.2.0.0-1	ansible_2.2.0.0-1_any.deb
Debian	12	any	ansible	2.2.0.0-1	ansible_2.2.0.0-1_any.deb
Debian	13	any	ansible	2.2.0.0-1	ansible_2.2.0.0-1_any.deb
Debian	14	any	ansible	2.2.0.0-1	ansible_2.2.0.0-1_any.deb
Debian	999	any	ansible	2.2.0.0-1	ansible_2.2.0.0-1_any.deb

31 Jul 2018 20:00Current

8.7High risk

Vulners AI Score8.7

CVSS 29

CVSS 37.6 - 9.1

EPSS0.03253

ansible security vulnerability command execution unix