A race condition flaw was found in ansible-runner, where an attacker could watch for rapid creation and deletion of a temporary directory, substitute their directory at that name, and then have access to ansible-runner's privatedatadir the next time ansible-runner made use of the privatedatadir. The highest Threat out of this flaw is to integrity and confidentiality.
{ "nvd_published_at": "2022-08-23T16:15:00Z", "cwe_ids": [ "CWE-362", "CWE-377" ], "severity": "MODERATE", "github_reviewed": true, "github_reviewed_at": "2022-09-01T22:17:50Z" }