Lucene search
K

6 matches found

OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.20 views

Mageia: Security Advisory (MGASA-2014-0350)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.6AI score0.05197EPSS
Exploits0References8
OSV
OSV
added 2020/02/20 3:15 a.m.5 views

CVE-2014-4678

The safeeval function in Ansible before 1.6.4 does not properly restrict the code subset, which allows remote attackers to execute arbitrary code via crafted instructions. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-4657...

9.8CVSS9.8AI score0.05197EPSS
Exploits0References12
NVD
NVD
added 2020/02/20 3:15 a.m.30 views

CVE-2014-4678

The safeeval function in Ansible before 1.6.4 does not properly restrict the code subset, which allows remote attackers to execute arbitrary code via crafted instructions. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-4657...

9.8CVSS9.8AI score0.05197EPSS
Exploits0References7
CVE
CVE
added 2020/02/20 2:49 a.m.123 views

CVE-2014-4678

The CVE-2014-4678 entry concerns Ansible’s safe_eval function. Version pre-1.6.4 fails to properly restrict the code subset, enabling remote attackers to execute arbitrary code via crafted instructions. This vulnerability is linked to an incomplete fix for CVE-2014-4657 and is described as a remo...

9.8CVSS9.7AI score0.05197EPSS
Exploits0References7Affected Software1
Debian CVE
Debian CVE
added 2020/02/20 2:49 a.m.36 views

CVE-2014-4678

The safeeval function in Ansible before 1.6.4 does not properly restrict the code subset, which allows remote attackers to execute arbitrary code via crafted instructions. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-4657...

9.8CVSS8.6AI score0.05197EPSS
Exploits0
Mageia
Mageia
added 2014/08/25 8:44 a.m.56 views

Updated ansible package fixes multiple security issues

Updated ansible package fixes security vulnerabilities: The Ansible platform before version 1.6.7 suffers from input sanitization errors that allow arbitrary code execution as well as information leak, in case an attacker is able to control certain playbook variables CVE-2014-4678, CVE-2014-4966,...

9.8CVSS9.7AI score0.05197EPSS
Exploits0References6
Rows per page
Query Builder