Lucene search
PRIOn knowledge basePRION:CVE-2017-2809HistorySep 14, 2017 - 7:29 p.m.
Input validation
2017-09-1419:29:00
PRIOn knowledge base
www.prio-n.com
2
0.005 Low
EPSS
Percentile
75.8%
An exploitable vulnerability exists in the yaml loading functionality of ansible-vault before 1.0.5. A specially crafted vault can execute arbitrary python commands resulting in command execution. An attacker can insert python into the vault to trigger this vulnerability.
| CPE | Name | Operator | Version |
|---|---|---|---|
| ansible-vault | le | 1.0.4 |
Related
nvd
nvd
CVE-2017-2809
2017-09-14 19:29:00
github
github
Code injection in ansible
2018-07-13 15:16:54
osv
osv
Code injection in ansible
2018-07-13 15:16:54
CVE-2017-2809
2017-09-14 19:29:00
PYSEC-2017-5
2017-09-14 19:29:00
veracode
veracode
Remote Code Execution (RCE)
2017-09-15 00:37:54
cve
cve
CVE-2017-2809
2017-09-14 19:29:00
talos
talos
ansible-vault Yaml Load Code Execution Vulnerability
2017-09-14 00:00:00
cvelist
cvelist
CVE-2017-2809
2017-09-14 00:00:00
talosblog
talosblog