Количество 4
Количество 4
CVE-2014-4966
Ansible before 1.6.7 does not prevent inventory data with "{{" and "lookup" substrings, and does not prevent remote data with "{{" substrings, which allows remote attackers to execute arbitrary code via (1) crafted lookup('pipe') calls or (2) crafted Jinja2 data.
CVE-2014-4966
Ansible before 1.6.7 does not prevent inventory data with "{{" and "lookup" substrings, and does not prevent remote data with "{{" substrings, which allows remote attackers to execute arbitrary code via (1) crafted lookup('pipe') calls or (2) crafted Jinja2 data.
CVE-2014-4966
Ansible before 1.6.7 does not prevent inventory data with "{{" and "lo ...
GHSA-wqq5-c89p-3wc3
Ansible Arbitrary Code Execution
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2014-4966 Ansible before 1.6.7 does not prevent inventory data with "{{" and "lookup" substrings, and does not prevent remote data with "{{" substrings, which allows remote attackers to execute arbitrary code via (1) crafted lookup('pipe') calls or (2) crafted Jinja2 data. | CVSS3: 9.8 | 5% Низкий | почти 6 лет назад |
 | CVE-2014-4966 Ansible before 1.6.7 does not prevent inventory data with "{{" and "lookup" substrings, and does not prevent remote data with "{{" substrings, which allows remote attackers to execute arbitrary code via (1) crafted lookup('pipe') calls or (2) crafted Jinja2 data. | CVSS3: 9.8 | 5% Низкий | почти 6 лет назад |
| CVE-2014-4966 Ansible before 1.6.7 does not prevent inventory data with "{{" and "lo ... | CVSS3: 9.8 | 5% Низкий | почти 6 лет назад |
| GHSA-wqq5-c89p-3wc3 Ansible Arbitrary Code Execution | CVSS3: 9.8 | 5% Низкий | больше 3 лет назад |
Уязвимостей на страницу