Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:pypi/ansible@1.9.6.1
Typepypi
Namespace
Nameansible
Version1.9.6.1
Qualifiers
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version2.2.0
Latest_non_vulnerable_version12.0.0
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-g8tj-eaqr-myaa
vulnerability_id VCID-g8tj-eaqr-myaa
summary The create_script function in the lxc_container module in Ansible before 1.9.6-1 and 2.x before 2.0.2.0 allows local users to write to arbitrary files or gain privileges via a symlink attack on (1) /opt/.lxc-attach-script, (2) the archived container in the archive_path directory, or the (3) lxc-attach-script.log or (4) lxc-attach-script.err files in the temporary directory.
references
0
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183103.html
reference_id
reference_type
scores
url http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183103.html
1
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183132.html
reference_id
reference_type
scores
url http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183132.html
2
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183252.html
reference_id
reference_type
scores
url http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183252.html
3
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183274.html
reference_id
reference_type
scores
url http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183274.html
4
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184175.html
reference_id
reference_type
scores
url http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184175.html
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1322925
reference_id
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1322925
6
reference_url https://github.com/advisories/GHSA-rh6x-qvg7-rrmj
reference_id
reference_type
scores
url https://github.com/advisories/GHSA-rh6x-qvg7-rrmj
7
reference_url https://github.com/ansible/ansible/blob/v1.9.6-1/CHANGELOG.md#196-dancing-in-the-street---tbd
reference_id
reference_type
scores
url https://github.com/ansible/ansible/blob/v1.9.6-1/CHANGELOG.md#196-dancing-in-the-street---tbd
8
reference_url https://github.com/ansible/ansible/blob/v2.0.2.0-1/CHANGELOG.md#202-over-the-hills-and-far-away
reference_id
reference_type
scores
url https://github.com/ansible/ansible/blob/v2.0.2.0-1/CHANGELOG.md#202-over-the-hills-and-far-away
9
reference_url https://github.com/ansible/ansible-modules-extras/pull/1941
reference_id
reference_type
scores
url https://github.com/ansible/ansible-modules-extras/pull/1941
10
reference_url https://github.com/ansible/ansible-modules-extras/pull/1941/commits/8c6fe646ee79f5e55361b885b7efed5bec72d4a4
reference_id
reference_type
scores
url https://github.com/ansible/ansible-modules-extras/pull/1941/commits/8c6fe646ee79f5e55361b885b7efed5bec72d4a4
11
reference_url https://groups.google.com/forum/#!topic/ansible-announce/E80HLZilTU0
reference_id
reference_type
scores
url https://groups.google.com/forum/#!topic/ansible-announce/E80HLZilTU0
12
reference_url https://groups.google.com/forum/#!topic/ansible-announce/tqiZbcWxYig
reference_id
reference_type
scores
url https://groups.google.com/forum/#!topic/ansible-announce/tqiZbcWxYig
13
reference_url https://security.gentoo.org/glsa/201607-14
reference_id
reference_type
scores
url https://security.gentoo.org/glsa/201607-14
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-3096
reference_id CVE-2016-3096
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2016-3096
fixed_packages
0
url pkg:pypi/ansible@1.9.6.1
purl pkg:pypi/ansible@1.9.6.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@1.9.6.1
1
url pkg:pypi/ansible@2.0.2.0
purl pkg:pypi/ansible@2.0.2.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1d8u-w26v-nqfd
1
vulnerability VCID-1sty-hqbq-63hy
2
vulnerability VCID-2z4k-r21v-rfgx
3
vulnerability VCID-7qnx-1gp2-v7bb
4
vulnerability VCID-833d-up6b-rfe1
5
vulnerability VCID-8u2v-jtqe-dqg3
6
vulnerability VCID-am9g-ba4h-sfhr
7
vulnerability VCID-cuq1-se5h-vygd
8
vulnerability VCID-cxts-25nq-4fcs
9
vulnerability VCID-dkds-s3ad-cufa
10
vulnerability VCID-gm99-68bj-c3cz
11
vulnerability VCID-gxw4-ydnj-fkfe
12
vulnerability VCID-hd4w-ksm9-uycv
13
vulnerability VCID-hjc4-jcfm-7be5
14
vulnerability VCID-hpqa-ysnc-b7dw
15
vulnerability VCID-hq4d-92s2-vqg6
16
vulnerability VCID-j6qc-x7e6-buen
17
vulnerability VCID-k8a2-5yfh-j7gp
18
vulnerability VCID-mbj9-3bnb-wbda
19
vulnerability VCID-mj75-gu96-33ay
20
vulnerability VCID-p4p5-29r5-8qh9
21
vulnerability VCID-pqj1-u787-g3aj
22
vulnerability VCID-rgcg-pkhf-7ydk
23
vulnerability VCID-subj-aje2-93bk
24
vulnerability VCID-utrp-hfpb-tygj
25
vulnerability VCID-vhxq-1hqq-77bx
26
vulnerability VCID-vsv2-4d8c-m3g1
27
vulnerability VCID-x4mr-vrp9-ufg6
28
vulnerability VCID-ykkx-swgs-vybn
29
vulnerability VCID-yre5-mmmj-q3bn
30
vulnerability VCID-zwrg-9mrq-effd
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/ansible@2.0.2.0
aliases CVE-2016-3096, GHSA-rh6x-qvg7-rrmj, PYSEC-2016-1
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-g8tj-eaqr-myaa
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:pypi/ansible@1.9.6.1