0.0005 Low
EPSS
Percentile
16.0%
ansible is vulnerable to OS command injection. The boot function in solaris_zone.py accepts an unsanitized zone name into an os.system() call which would potentially allow an attacker to inject and execute arbitrary OS commands.
boot
solaris_zone.py
os.system()
bugzilla.redhat.com/show_bug.cgi?id=1776944
github.com/ansible/ansible/pull/65686
lists.debian.org/debian-lts-announce/2021/01/msg00023.html
www.debian.org/security/2021/dsa-4950