exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 6

CVE-2017-7481

больше 7 лет назад

Ansible before versions 2.3.1.0 and 2.4.0.0 fails to properly mark lookup-plugin results as unsafe. If an attacker could control the results of lookup() calls, they could inject Unicode strings to be parsed by the jinja2 templating system, resulting in code execution. By default, the jinja2 templating language is now marked as 'unsafe' and is not evaluated.

CVSS3: 9.8

EPSS: Низкий

CVE-2017-7481

почти 9 лет назад

Ansible before versions 2.3.1.0 and 2.4.0.0 fails to properly mark lookup-plugin results as unsafe. If an attacker could control the results of lookup() calls, they could inject Unicode strings to be parsed by the jinja2 templating system, resulting in code execution. By default, the jinja2 templating language is now marked as 'unsafe' and is not evaluated.

CVSS3: 5.3

EPSS: Низкий

CVE-2017-7481

больше 7 лет назад

Ansible before versions 2.3.1.0 and 2.4.0.0 fails to properly mark lookup-plugin results as unsafe. If an attacker could control the results of lookup() calls, they could inject Unicode strings to be parsed by the jinja2 templating system, resulting in code execution. By default, the jinja2 templating language is now marked as 'unsafe' and is not evaluated.

CVSS3: 9.8

EPSS: Низкий

CVE-2017-7481

больше 7 лет назад

Ansible before versions 2.3.1.0 and 2.4.0.0 fails to properly mark loo ...

CVSS3: 9.8

EPSS: Низкий

GHSA-w578-j992-554x

больше 7 лет назад

Ansible fails to properly mark lookup-plugin results as unsafe

CVSS3: 9.8

EPSS: Низкий

BDU:2020-02914

почти 9 лет назад

Уязвимость системы управления конфигурациями Ansible, связанная с недостаточной проверкой вводимых данных, позволяющая нарушителю выполнить произвольный код

CVSS3: 7.3

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2017-7481 Ansible before versions 2.3.1.0 and 2.4.0.0 fails to properly mark lookup-plugin results as unsafe. If an attacker could control the results of lookup() calls, they could inject Unicode strings to be parsed by the jinja2 templating system, resulting in code execution. By default, the jinja2 templating language is now marked as 'unsafe' and is not evaluated.	CVSS3: 9.8	2% Низкий	больше 7 лет назад
CVE-2017-7481 Ansible before versions 2.3.1.0 and 2.4.0.0 fails to properly mark lookup-plugin results as unsafe. If an attacker could control the results of lookup() calls, they could inject Unicode strings to be parsed by the jinja2 templating system, resulting in code execution. By default, the jinja2 templating language is now marked as 'unsafe' and is not evaluated.	CVSS3: 5.3	2% Низкий	почти 9 лет назад
CVE-2017-7481 Ansible before versions 2.3.1.0 and 2.4.0.0 fails to properly mark lookup-plugin results as unsafe. If an attacker could control the results of lookup() calls, they could inject Unicode strings to be parsed by the jinja2 templating system, resulting in code execution. By default, the jinja2 templating language is now marked as 'unsafe' and is not evaluated.	CVSS3: 9.8	2% Низкий	больше 7 лет назад
CVE-2017-7481 Ansible before versions 2.3.1.0 and 2.4.0.0 fails to properly mark loo ...	CVSS3: 9.8	2% Низкий	больше 7 лет назад
GHSA-w578-j992-554x Ansible fails to properly mark lookup-plugin results as unsafe	CVSS3: 9.8	2% Низкий	больше 7 лет назад
BDU:2020-02914 Уязвимость системы управления конфигурациями Ansible, связанная с недостаточной проверкой вводимых данных, позволяющая нарушителю выполнить произвольный код	CVSS3: 7.3	2% Низкий	почти 9 лет назад

Уязвимостей на страницу