4 matches found
CVE-2021-3583
A flaw was found in Ansible, where a user's controller is vulnerable to template injection. This issue can occur through facts used in the template if the user is trying to put templates in multi-line YAML strings and the facts being handled do not routinely include special template characters...
ansible: Template Injection through yaml multi-line strings with ansible facts used in template.
A flaw was found in Ansible, where a user's controller is vulnerable to template injection. This issue can occur through facts used in the template if the user is trying to put templates in multi-line YAML strings and the facts being handled do not routinely include special template characters...
ansible: Template Injection through yaml multi-line strings with ansible facts used in template.
A flaw was found in Ansible, where a user's controller is vulnerable to template injection. This issue can occur through facts used in the template if the user is trying to put templates in multi-line YAML strings and the facts being handled do not routinely include special template characters...
PT-2020-5206
Name of the Vulnerable Software and Affected Versions Ansible Engine versions 2.7.x through 2.7.17 Ansible Engine versions 2.8.x through 2.8.9 Ansible Engine versions 2.9.x through 2.9.6 Description A flaw was found in Ansible Engine when using ansible facts as a subkey of itself and promoting it...