ansible is vulnerable to remote code execution (RCE) through control nodes. This vulnerability exists due to an incomplete fix for CVE-2016-9587.
www.securityfocus.com/bid/97595
access.redhat.com/errata/RHSA-2017:1244
access.redhat.com/errata/RHSA-2017:1334
access.redhat.com/errata/RHSA-2017:1476
access.redhat.com/errata/RHSA-2017:1499
access.redhat.com/errata/RHSA-2017:1599
access.redhat.com/errata/RHSA-2017:1685
access.redhat.com/security/updates/classification/#important
bugzilla.redhat.com/show_bug.cgi?id=1391325
bugzilla.redhat.com/show_bug.cgi?id=1408663
bugzilla.redhat.com/show_bug.cgi?id=1418032
bugzilla.redhat.com/show_bug.cgi?id=1422541
bugzilla.redhat.com/show_bug.cgi?id=1434679
bugzilla.redhat.com/show_bug.cgi?id=1439277
bugzilla.redhat.com/show_bug.cgi?id=1440309
bugzilla.redhat.com/show_bug.cgi?id=1444106
bugzilla.redhat.com/show_bug.cgi?id=1444806
bugzilla.redhat.com/show_bug.cgi?id=1445194
bugzilla.redhat.com/show_bug.cgi?id=1445282
bugzilla.redhat.com/show_bug.cgi?id=1446741
bugzilla.redhat.com/show_bug.cgi?id=1446745
bugzilla.redhat.com/show_bug.cgi?id=1447398
bugzilla.redhat.com/show_bug.cgi?id=1447399
bugzilla.redhat.com/show_bug.cgi?id=1448842
bugzilla.redhat.com/show_bug.cgi?id=1449220
bugzilla.redhat.com/show_bug.cgi?id=1449221
bugzilla.redhat.com/show_bug.cgi?id=1450412
bugzilla.redhat.com/show_bug.cgi?id=1450415
bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7466