vulnerability
FreeBSD: VID-15a04b9f-47cb-11e7-a853-001fbc0f280f: ansible -- Input validation flaw in jinja2 templating system
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 10 | (AV:N/AC:L/Au:N/C:C/I:C/A:C) | Jun 2, 2017 | Jun 3, 2017 | Dec 10, 2025 |
Severity
10
CVSS
(AV:N/AC:L/Au:N/C:C/I:C/A:C)
Published
Jun 2, 2017
Added
Jun 3, 2017
Modified
Dec 10, 2025
Description
RedHat security team reports: An input validation flaw was found in Ansible, where it fails to properly mark lookup-plugin results as unsafe. If an attacker could control the results of lookup() calls, they could inject Unicode strings to be parsed by the jinja2 templating system, result in code execution.
Solution
freebsd-upgrade-package-ansible
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.