An exploitable vulnerability exists in the yaml loading functionality of ansible-vault prior to 1.0.5. A specially crafted vault can execute arbitrary python commands resulting in command execution. An attacker can insert python into the vault to trigger this vulnerability.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ansible-vault project ansible-vault |