Vulnerabilities

CVE-2017-2809

by Fred · 14/09/2017

An exploitable vulnerability exists in the yaml loading functionality of ansible-vault before 1.0.5. A specially crafted vault can execute arbitrary python commands resulting in command execution. An attacker can insert python into the vault to trigger this vulnerability.

Date published : 2017-09-14

http://www.securityfocus.com/bid/100824

https://github.com/tomoh1r/ansible-vault/blob/v1.0.5/CHANGES.txt

Similar

Tags: Cybersecurity Alert