CVE-2017-7481

Ansible before versions 2.3.1.0 and 2.4.0.0 fails to properly mark lookup-plugin results as unsafe. If an attacker could control the results of lookup() calls, they could inject Unicode strings to be parsed by the jinja2 templating system, resulting in code execution. By default, the jinja2 templating language is now marked as 'unsafe' and is not evaluated.

References

Affected packages

Git / github.com/ansible/ansible

Affected ranges

Type

GIT

Repo

https://github.com/ansible/ansible

Events

Introduced

Fixed

ecb38fdf73a0beb89e9505157a2ea20c96f666d7

Introduced

c7052b42c76bc626c481f22018d3396b84199a24

Fixed

d14467b0294296b9a2b85e0ad150315c2d5a2491

Fixed

ed56f51f185a1ffd7ea57130d260098686fcc7c2

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "2.3.1.0"
        },
        {
            "introduced": "2.3.2.0"
        },
        {
            "fixed": "2.4.0.0"
        }
    ]
}

Affected versions

0.*

0.0.1

0.01

0.3

0.7

v1.*

v1.0

v1.1

v1.2

v1.4.0

v1.6.0

v2.*

v2.0.0-0.1.alpha1

v2.0.0-0.2.alpha2

v2.0.0-0.3.beta1

v2.0.0-0.4.beta2

v2.0.0-0.5.beta3

v2.3.0.0-0.1.rc1

v2.3.0.0-0.2.rc2

v2.3.0.0-0.3.rc3

v2.3.0.0-0.4.rc4

v2.3.0.0-0.5.rc5

v2.3.0.0-0.6.rc6

v2.3.0.0-1

v2.3.1.0-0.1.rc1

v2.3.1.0-0.2.rc2

v2.4.0.0-0.1.rc1

v2.4.0.0-0.2.rc2

v2.4.0.0-0.3.rc3

v2.4.0.0-0.4.rc4

v2.4.0.0-0.5.rc5

Database specific

unresolved_ranges

[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "3.3"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "3.4"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "3.5"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "10"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "11"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "2.0"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "4.1"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "4.1"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "3.2"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "16.04"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "18.04"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "19.04"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "9.0"
            }
        ]
    }
]

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-7481.json"