VIR Vulnerability Intelligence Relay

Package impact

python PyPI / ansible

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2017-7550 critical 9.8 9.8 4y ago A flaw was found in the way Ansible (2.3.x before 2.3.3, and 2.4.x before 2.4.1) passed certain parameters to the jenkins_plugin module. Remote attackers could use this flaw to expose sensitive infor… debiansuseredhatpython
CVE-2014-3498 high 8.8 8.8 4y ago The user module in ansible before 1.6.6 allows remote authenticated users to execute arbitrary commands. debianpython
CVE-2016-9587 high 8.0 8y ago Ansible before versions 2.1.4, 2.2.1 is vulnerable to an improper input validation in Ansible's handling of data sent from client systems. An attacker with control over a client system being managed … debiansusearchpython
CVE-2015-6240 high 7.8 7.8 9y ago The chroot, jail, and zone connection plugins in ansible before 1.9.2 allow local users to escape a restricted environment via a symlink attack. debianpython
CVE-2016-3096 high 7.8 7.8 10y ago The create_script function in the lxc_container module in Ansible before 1.9.6-1 and 2.x before 2.0.2.0 allows local users to write to arbitrary files or gain privileges via a symlink attack on (1) /… debianfedorapython