Search for packages
| purl | pkg:pypi/ansible@1.9.6.0 |
| Tags | Ghost |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-s1r4-29kw-5kbg
Aliases: CVE-2016-3096 GHSA-rh6x-qvg7-rrmj PYSEC-2016-1 |
The create_script function in the lxc_container module in Ansible before 1.9.6-1 and 2.x before 2.0.2.0 allows local users to write to arbitrary files or gain privileges via a symlink attack on (1) /opt/.lxc-attach-script, (2) the archived container in the archive_path directory, or the (3) lxc-attach-script.log or (4) lxc-attach-script.err files in the temporary directory. |
Affected by 0 other vulnerabilities. Affected by 46 other vulnerabilities. Affected by 43 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-01T15:56:42.839317+00:00 | GHSA Importer | Affected by | VCID-s1r4-29kw-5kbg | https://github.com/advisories/GHSA-rh6x-qvg7-rrmj | 38.0.0 |
| 2026-04-01T12:47:59.062055+00:00 | GitLab Importer | Affected by | VCID-s1r4-29kw-5kbg | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/ansible/CVE-2016-3096.yml | 38.0.0 |