Lucene search
GoogleOSV:PYSEC-2020-204HistoryFeb 18, 2020 - 3:15 p.m.
PYSEC-2020-204
2020-02-1815:15:00
Google
osv.dev
7
0.014 Low
EPSS
Percentile
86.3%
Ansible before 1.6.7 does not prevent inventory data with “{{” and “lookup” substrings, and does not prevent remote data with “{{” substrings, which allows remote attackers to execute arbitrary code via (1) crafted lookup(‘pipe’) calls or (2) crafted Jinja2 data.
Related
cve
cve
CVE-2014-4966
2020-02-18 15:15:11
osv
osv
Ansible Arbitrary Code Execution
2022-05-17 19:57:30
cvelist
cvelist
CVE-2014-4966
2020-02-18 14:46:28
nessus
nessus
FreeBSD : ansible -- code execution from compromised remote host data or untrusted local data (9dae9d62-205f-11e5-a4a5-002590263bf5)
2015-07-06 00:00:00
Fedora 20 : ansible-1.6.10-1.fc20 (2014-8901)
2014-08-08 00:00:00
Fedora 19 : ansible-1.6.10-1.fc19 (2014-8904)
2014-08-08 00:00:00
prion
prion
Code injection
2020-02-18 15:15:00
debiancve
debiancve
CVE-2014-4966
2020-02-18 15:15:11
github
github
Ansible Arbitrary Code Execution
2022-05-17 19:57:30
nvd
nvd
CVE-2014-4966
2020-02-18 15:15:11
freebsd
freebsd
ubuntucve
ubuntucve
CVE-2014-4966
2020-02-18 00:00:00
veracode
veracode
Arbitrary Code Execution
2017-05-11 05:59:26
securityvulns
securityvulns
[oCERT-2014-004] Ansible input sanitization errors
2014-10-16 00:00:00
Ansible security vulnerabilities
2014-10-16 00:00:00
[oCERT-2014-004] Ansible input sanitization errors
2014-10-16 00:00:00
openvas
openvas
Fedora Update for ansible FEDORA-2014-8901
2014-08-08 00:00:00
Mageia: Security Advisory (MGASA-2014-0350)
2022-01-28 00:00:00
Gentoo Security Advisory GLSA 201411-09
2015-09-29 00:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: ansible-1.6.10-1.fc20
2014-08-07 15:36:14
[SECURITY] Fedora 19 Update: ansible-1.6.10-1.fc19
2014-08-07 15:26:52
mageia
mageia
Updated ansible package fixes multiple security issues
2014-08-25 12:44:11
gentoo
gentoo
Ansible: Privilege escalation
2014-11-23 00:00:00