Search for packages
| purl | pkg:deb/debian/ansible@1.6.8%2Bdfsg-1?distro=trixie |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-4b5u-b82x-zkc5 | Multiple argument injection vulnerabilities in Ansible before 1.6.7 allow remote attackers to execute arbitrary code by leveraging access to an Ansible managed host and providing a crafted fact, as demonstrated by a fact with (1) a trailing " src=" clause, (2) a trailing " temp=" clause, or (3) a trailing " validate=" clause accompanied by a shell command. |
CVE-2014-4967
GHSA-64cw-m57j-65xj PYSEC-2020-205 |
| VCID-8pn7-4k42-6qeb | Ansible before 1.6.7 does not prevent inventory data with "{{" and "lookup" substrings, and does not prevent remote data with "{{" substrings, which allows remote attackers to execute arbitrary code via (1) crafted lookup('pipe') calls or (2) crafted Jinja2 data. |
CVE-2014-4966
GHSA-wqq5-c89p-3wc3 PYSEC-2020-204 |
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-16T12:09:44.849736+00:00 | Debian Importer | Fixing | VCID-4b5u-b82x-zkc5 | https://security-tracker.debian.org/tracker/data/json | 38.4.0 |
| 2026-04-16T08:40:34.849331+00:00 | Debian Importer | Fixing | VCID-8pn7-4k42-6qeb | https://security-tracker.debian.org/tracker/data/json | 38.4.0 |
| 2026-04-13T08:19:01.837723+00:00 | Debian Importer | Fixing | VCID-4b5u-b82x-zkc5 | https://security-tracker.debian.org/tracker/data/json | 38.3.0 |
| 2026-04-11T17:49:54.959341+00:00 | Debian Importer | Fixing | VCID-8pn7-4k42-6qeb | https://security-tracker.debian.org/tracker/data/json | 38.3.0 |
| 2026-04-02T17:13:54.313743+00:00 | Debian Importer | Fixing | VCID-4b5u-b82x-zkc5 | https://security-tracker.debian.org/tracker/data/json | 38.1.0 |
| 2026-04-02T17:02:19.021159+00:00 | Debian Importer | Fixing | VCID-8pn7-4k42-6qeb | https://security-tracker.debian.org/tracker/data/json | 38.1.0 |