Arbitrary Code Execution Affecting ansible package, versions [,1.6.4)

Snyk CVSS

Attack Complexity Low

Threat Intelligence

EPSS 13.94% (96^th percentile)

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications

Snyk ID SNYK-PYTHON-ANSIBLE-40289
published 3 Mar 2016
disclosed 3 Mar 2016
credit Unknown

Report a new vulnerability Found a mistake?

Introduced: 3 Mar 2016

CVE-2014-4678 Open this link in a new tab CWE-94 Open this link in a new tab

Overview

ansible is a Radically simple IT automation Affected versions of this package are vulnerable to Arbitrary Code Execution due to an incomplete fix for CVE-2014-4657.

References

NVD
Rapid7
Ansible Security