Lucene search
Veracode Vulnerability DatabaseVERACODE:4224HistoryMay 12, 2017 - 6:50 a.m.
Arbitrary Code Execution And Information Leak
2017-05-1206:50:46
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
10
0.008 Low
EPSS
Percentile
81.9%
ansible is vulnerable to arbitrary code execution and information leakage. It does not properly template the input action arguments Module_args, allowing a malicious user to control the variable data and supply their own options to an action. A malicious user controlling variables passed to the copy or template actions can trigger arbitrary code execution and information leakage.
Related
cve
cve
CVE-2014-4967
2020-02-18 15:15:11
github
github
Ansible Arbitrary Code Execution
2022-05-17 19:57:30
prion
prion
Design/Logic Flaw
2020-02-18 15:15:00
cvelist
cvelist
CVE-2014-4967
2020-02-18 14:49:40
osv
osv
PYSEC-2020-205
2020-02-18 15:15:00
Ansible Arbitrary Code Execution
2022-05-17 19:57:30
nvd
nvd
CVE-2014-4967
2020-02-18 15:15:11
debiancve
debiancve
CVE-2014-4967
2020-02-18 15:15:11
ubuntucve
ubuntucve
CVE-2014-4967
2020-02-18 00:00:00
securityvulns
securityvulns
Ansible security vulnerabilities
2014-10-16 00:00:00
[oCERT-2014-004] Ansible input sanitization errors
2014-10-16 00:00:00
[oCERT-2014-004] Ansible input sanitization errors
2014-10-16 00:00:00
nessus
nessus
Fedora 20 : ansible-1.6.10-1.fc20 (2014-8901)
2014-08-08 00:00:00
Fedora 19 : ansible-1.6.10-1.fc19 (2014-8904)
2014-08-08 00:00:00
GLSA-201411-09 : Ansible: Privilege escalation
2014-11-24 00:00:00
openvas
openvas
Fedora Update for ansible FEDORA-2014-8901
2014-08-08 00:00:00
Mageia: Security Advisory (MGASA-2014-0350)
2022-01-28 00:00:00
Gentoo Security Advisory GLSA 201411-09
2015-09-29 00:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: ansible-1.6.10-1.fc20
2014-08-07 15:36:14
[SECURITY] Fedora 19 Update: ansible-1.6.10-1.fc19
2014-08-07 15:26:52
mageia
mageia
Updated ansible package fixes multiple security issues
2014-08-25 12:44:11
gentoo
gentoo
Ansible: Privilege escalation
2014-11-23 00:00:00