| CVE-2017-7550 |
critical |
9.8 |
9.8 |
|
|
|
4y ago |
A flaw was found in the way Ansible (2.3.x before 2.3.3, and 2.4.x before 2.4.1) passed certain parameters to the jenkins_plugin module. Remote attackers could use this flaw to expose sensitive infor… |
| CVE-2016-9587 |
high |
— |
9.0 |
|
|
|
8y ago |
Ansible before versions 2.1.4, 2.2.1 is vulnerable to an improper input validation in Ansible's handling of data sent from client systems. An attacker with control over a client system being managed … |
| CVE-2014-3498 |
high |
8.8 |
8.8 |
|
|
|
4y ago |
The user module in ansible before 1.6.6 allows remote authenticated users to execute arbitrary commands. |
| CVE-2015-6240 |
high |
7.8 |
7.8 |
|
|
|
9y ago |
The chroot, jail, and zone connection plugins in ansible before 1.9.2 allow local users to escape a restricted environment via a symlink attack. |
| CVE-2016-3096 |
high |
7.8 |
7.8 |
|
|
|
10y ago |
The create_script function in the lxc_container module in Ansible before 1.9.6-1 and 2.x before 2.0.2.0 allows local users to write to arbitrary files or gain privileges via a symlink attack on (1) /… |
