Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2021-4041HistoryAug 24, 2022 - 4:15 p.m.
CVE-2021-4041
2022-08-2416:15:00
Debian Security Bug Tracker
security-tracker.debian.org
15
0.001 Low
EPSS
Percentile
32.0%
A flaw was found in ansible-runner. An improper escaping of the shell command, while calling the ansible_runner.interface.run_command, can lead to parameters getting executed as host’s shell command. A developer could unintentionally write code that gets executed in the host rather than the virtual environment.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | ansible-runner | < 2.1.1-1 | ansible-runner_2.1.1-1_all.deb |
| Debian | 999 | all | ansible-runner | < 2.1.1-1 | ansible-runner_2.1.1-1_all.deb |
| Debian | 13 | all | ansible-runner | < 2.1.1-1 | ansible-runner_2.1.1-1_all.deb |
Related
cve
cve
CVE-2021-4041
2022-08-24 16:15:00
prion
prion
Command injection
2022-08-24 16:15:00
ibm
ibm
redhat
redhat
(RHSA-2022:0108) Moderate: ansible-runner security and bug fix update
2022-01-11 20:49:29
osv
osv
ansible-runner vulnerable to shell command injection
2022-08-25 00:00:27
PYSEC-2022-253
2022-08-24 16:15:00
CVE-2021-4041
2022-08-24 16:15:09
veracode
veracode
Cross-site Scripting (XSS)
2022-01-14 06:00:47
cvelist
cvelist
CVE-2021-4041
2022-08-24 15:11:13
redhatcve
redhatcve
CVE-2021-4041
2021-12-02 12:06:11
github
github
ansible-runner vulnerable to shell command injection
2022-08-25 00:00:27
nessus
nessus
RHEL 8 : ansible-runner (RHSA-2022:0108)
2024-04-28 00:00:00
ubuntucve
ubuntucve
CVE-2021-4041
2022-08-24 00:00:00