ansible is vulnerable to command execution through a comprised remote system. A compromised remote system managed through ansible can lead to commands being executed on the ansible controller when the user is running the ansible or ansible-playbook command.
rhn.redhat.com/errata/RHSA-2017-0195.html
rhn.redhat.com/errata/RHSA-2017-0260.html
www.securityfocus.com/bid/95352
access.redhat.com/errata/RHSA-2017:0448
access.redhat.com/errata/RHSA-2017:0515
access.redhat.com/errata/RHSA-2017:1685
bugzilla.novell.com/show_bug.cgi?id=1019021
bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9587
github.com/ansible/ansible/commit/d7dd41146a5615f2e6a48c716b511311a0f03a2c
github.com/ansible/ansible/commit/ec84ff6de6eca9224bf3f22b752bb8da806611ed
security.gentoo.org/glsa/201701-77
www.exploit-db.com/exploits/41013/