Lucene search
GoogleOSV:GHSA-WWWH-47WP-M522HistoryMay 13, 2022 - 1:54 a.m.
Ansible Sandbox Escape via Symlink Attack
2022-05-1301:54:10
Google
osv.dev
11
0.0004 Low
EPSS
Percentile
5.1%
The chroot, jail, and zone connection plugins in ansible before 1.9.2 allow local users to escape a restricted environment via a symlink attack.
References
www.openwall.com/lists/oss-security/2015/08/17/10
bugzilla.redhat.com/show_bug.cgi?id=1243468
github.com/ansible/ansible/commit/952166f48eb0f5797b75b160fd156bbe1e8fc647
github.com/ansible/ansible/commit/ca2f2c4ebd7b5e097eab0a710f79c1f63badf95b
lists.debian.org/debian-lts-announce/2019/09/msg00016.html
nvd.nist.gov/vuln/detail/CVE-2015-6240
Related
ubuntucve
ubuntucve
CVE-2015-6240
2017-06-07 00:00:00
prion
prion
Code injection
2017-06-07 20:29:00
osv
osv
PYSEC-2017-3
2017-06-07 20:29:00
ansible - security update
2019-09-16 00:00:00
github
github
Ansible Sandbox Escape via Symlink Attack
2022-05-13 01:54:10
debiancve
debiancve
CVE-2015-6240
2017-06-07 20:29:00
cvelist
cvelist
CVE-2015-6240
2017-06-07 20:00:00
cve
cve
CVE-2015-6240
2017-06-07 20:29:00
nvd
nvd
CVE-2015-6240
2017-06-07 20:29:00
nessus
nessus
FreeBSD : ansible -- multiple vulnerabilities (72fccfdf-2061-11e5-a4a5-002590263bf5)
2015-07-06 00:00:00
Debian DLA-1923-1 : ansible security update
2019-09-17 00:00:00
freebsd
freebsd
ansible -- multiple vulnerabilities
2015-06-25 00:00:00
openvas
openvas
Debian: Security Advisory (DLA-1923-1)
2019-09-17 00:00:00
debian
debian
[SECURITY] [DLA 1923-1] ansible security update
2019-09-16 12:23:29