Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:22061
HistoryDec 02, 2019 - 7:55 a.m.

OS Command Injection

2019-12-0207:55:53
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
11

EPSS

0.001

Percentile

16.0%

ansible is vulnerable to OS command injection. The boot function in solaris_zone.py accepts an unsanitized zone name into an os.system() call which would potentially allow an attacker to inject and execute arbitrary OS commands.