2 matches found
CVE-2021-3702
CVE-2021-3702 (ansible-runner) is a race condition where an attacker can monitor rapid creation/deletion of a temporary directory, substitute their own directory under that name, and gain access to ansible-runner’s private_data_dir on subsequent use. This local, authenticated attack could impact ...
CVE-2021-3702
A race condition flaw was found in ansible-runner, where an attacker could watch for rapid creation and deletion of a temporary directory, substitute their directory at that name, and then have access to ansible-runner's privatedatadir the next time ansible-runner made use of the privatedatadir...