CVE-2014-4657

Опубликовано: 20 фев. 2020

Источник: ubuntu

Приоритет: medium

CVSS2: 7.5

CVSS3: 9.8

Описание

The safe_eval function in Ansible before 1.5.4 does not properly restrict the code subset, which allows remote attackers to execute arbitrary code via crafted instructions.

Релиз	Статус	Примечание
artful	not-affected	1.6.5+dfsg-1
bionic	not-affected	1.6.5+dfsg-1
cosmic	not-affected	1.6.5+dfsg-1
devel	not-affected	1.6.5+dfsg-1
disco	not-affected	1.6.5+dfsg-1
esm-apps/bionic	not-affected	1.6.5+dfsg-1
esm-apps/xenial	not-affected	1.6.5+dfsg-1
esm-infra-legacy/trusty	not-affected	1.5.4+dfsg-1
lucid	DNE
precise	DNE

Показывать по

Ссылки на источники

7.5 High

CVSS2

9.8 Critical

CVSS3

Связанные уязвимости

CVE-2014-4657

CVSS3: 9.8

redhat

почти 12 лет назад

The safe_eval function in Ansible before 1.5.4 does not properly restrict the code subset, which allows remote attackers to execute arbitrary code via crafted instructions.

CVE-2014-4657

CVSS3: 9.8

nvd

почти 6 лет назад

The safe_eval function in Ansible before 1.5.4 does not properly restrict the code subset, which allows remote attackers to execute arbitrary code via crafted instructions.

CVE-2014-4657

CVSS3: 9.8

debian

почти 6 лет назад

The safe_eval function in Ansible before 1.5.4 does not properly restr ...

GHSA-qg47-5px9-32g7

CVSS3: 9.8

github

больше 3 лет назад

Ansible Remote Code Execution

7.5 High

CVSS2

9.8 Critical

CVSS3

CVE-2014-4657

Описание

Пакет ansible

Ссылки на источники

Связанные уязвимости