Safety vulnerability ID: 66667
The information on this page was manually curated by our Cybersecurity Intelligence Team.
A flaw was found in Ansible if an Ansible user sets ANSIBLE_ASYNC_DIR to a subdirectory of a world-writable directory. When this occurs, there is a race condition on the managed machine. A malicious, non-privileged account on the remote machine can exploit the race condition to access the async result data. This flaw affects Ansible Tower 3.7 and Ansible Automation Platform 1.2.
Latest version: 2.17.4
Radically simple IT automation
This vulnerability has no description
Scan your Python project for dependency vulnerabilities in two minutes
Scan your application