8 matches found
Linux Distros Unpatched Vulnerability : CVE-2016-8628
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Ansible before version 2.2.0 fails to properly sanitize fact variables sent from the Ansible controller. An attacker with the ability to create special variable...
GHSA-JG4F-JQM5-4MGQ Ansible fails to properly sanitize fact variables sent from the Ansible controller
Ansible before version 2.2.0 fails to properly sanitize fact variables sent from the Ansible controller. An attacker with the ability to create special variables on the controller could execute arbitrary commands on Ansible clients as the user Ansible runs as...
Ansible fails to properly sanitize fact variables sent from the Ansible controller
Ansible before version 2.2.0 fails to properly sanitize fact variables sent from the Ansible controller. An attacker with the ability to create special variables on the controller could execute arbitrary commands on Ansible clients as the user Ansible runs as...
PYSEC-2018-38
Ansible before version 2.2.0 fails to properly sanitize fact variables sent from the Ansible controller. An attacker with the ability to create special variables on the controller could execute arbitrary commands on Ansible clients as the user Ansible runs as...
Design/Logic Flaw
Ansible before version 2.2.0 fails to properly sanitize fact variables sent from the Ansible controller. An attacker with the ability to create special variables on the controller could execute arbitrary commands on Ansible clients as the user Ansible runs as...
CVE-2016-8628
Ansible before version 2.2.0 fails to properly sanitize fact variables sent from the Ansible controller. An attacker with the ability to create special variables on the controller could execute arbitrary commands on Ansible clients as the user Ansible runs as...
PT-2018-5036 · Red Hat +2 · Ansible +2
Name of the Vulnerable Software and Affected Versions: Ansible versions prior to 2.2.0 Description: The issue arises from improper sanitization of fact variables sent from the Ansible controller. An attacker who can create special variables on the controller may be able to execute arbitrary...
ansible: Command injection by compromised server via fact variables
Ansible fails to properly sanitize fact variables sent from the Ansible controller. An attacker with the ability to create special variables on the controller could execute arbitrary commands on Ansible clients as the user Ansible runs as...