Oval Definition:	oval:org.opensuse.security:def:20144966
Revision Date: 2022-06-30 Version: 1 Title: CVE-2014-4966 Description: Ansible before 1.6.7 does not prevent inventory data with "{{" and "lookup" substrings, and does not prevent remote data with "{{" substrings, which allows remote attackers to execute arbitrary code via (1) crafted lookup('pipe') calls or (2) crafted Jinja2 data. Family: unix Class: vulnerability Status: Reference(s): Mitre CVE-2014-4966 SUSE CVE-2014-4966 Platform(s): openSUSE Tumbleweed SUSE OpenStack Cloud 7 Product(s): Definition Synopsis SUSE OpenStack Cloud 7 is installed AND ansible is affected Definition Synopsis openSUSE Tumbleweed is installed AND ansible-2.2.0.0-1.1 is installed
BACK