Package impact
PyPI / ansible
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-9587 | high | — | 9.0 | 8y ago | Ansible before versions 2.1.4, 2.2.1 is vulnerable to an improper input validation in Ansible's handling of data sent from client systems. An attacker with control over a client system being managed … | |||
| CVE-2014-3498 | high | 8.8 | 8.8 | 4y ago | The user module in ansible before 1.6.6 allows remote authenticated users to execute arbitrary commands. | |||
| CVE-2015-6240 | high | 7.8 | 7.8 | 9y ago | The chroot, jail, and zone connection plugins in ansible before 1.9.2 allow local users to escape a restricted environment via a symlink attack. | |||
| CVE-2016-3096 | high | 7.8 | 7.8 | 10y ago | The create_script function in the lxc_container module in Ansible before 1.9.6-1 and 2.x before 2.0.2.0 allows local users to write to arbitrary files or gain privileges via a symlink attack on (1) /… |