tomoh1r/ansible-vault

Releases18

Frequency7 months 1 day

Last Release about 1 year ago

Stars54

This project aim to R/W an ansible-vault yaml file

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2017-2809 ↗	Sep 14, 2017Thursday, 14 September 2017, 19:29	—	6.8 MEDIUM
An exploitable vulnerability exists in the yaml loading functionality of ansible-vault before 1.0.5. A specially crafted vault can execute arbitrary python commands resulting in command execution. An attacker can insert python into the vault to trigger this vulnerability.