PYSEC-2017-3

See a problem?

Import Source

https://github.com/pypa/advisory-database/blob/main/vulns/ansible/PYSEC-2017-3.yaml

JSON Data

https://api.test.osv.dev/v1/vulns/PYSEC-2017-3

Aliases

Published

2017-06-07T20:29:00Z

Modified

2023-11-01T05:19:14.216481Z

Summary

[none]

Details

The chroot, jail, and zone connection plugins in ansible before 1.9.2 allow local users to escape a restricted environment via a symlink attack.

References

Affected packages

PyPI / ansible

Package

Name: ansible; View open source insights on deps.dev
Purl: pkg:pypi/ansible

Affected ranges

Type: GIT
Repo: https://github.com/ansible/ansible
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

ca2f2c4ebd7b5e097eab0a710f79c1f63badf95b

Fixed

952166f48eb0f5797b75b160fd156bbe1e8fc647

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.9.2

Affected versions

1.*

1.0

1.1

1.2

1.2.1

1.2.2

1.2.3

1.3.0

1.3.1

1.3.2

1.3.3

1.3.4

1.4

1.4.1

1.4.2

1.4.3

1.4.4

1.4.5

1.5

1.5.1

1.5.2

1.5.3

1.5.4

1.5.5

1.6

1.6.1

1.6.2

1.6.3

1.6.4

1.6.5

1.6.6

1.6.7

1.6.8

1.6.9

1.6.10

1.7

1.7.1

1.7.2

1.8

1.8.1

1.8.2

1.8.3

1.8.4

1.9.0

1.9.0.1

1.9.1

Database specific

source

"https://github.com/pypa/advisory-database/blob/main/vulns/ansible/PYSEC-2017-3.yaml"