VYPR
High severity7.8NVD Advisory· Published Jun 3, 2016· Updated Jun 17, 2026

CVE-2016-3096

CVE-2016-3096

Description

The create_script function in the lxc_container module in Ansible before 1.9.6-1 and 2.x before 2.0.2.0 allows local users to write to arbitrary files or gain privileges via a symlink attack on (1) /opt/.lxc-attach-script, (2) the archived container in the archive_path directory, or the (3) lxc-attach-script.log or (4) lxc-attach-script.err files in the temporary directory.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
ansiblePyPI
>= 2.0.0.0, < 2.0.2.02.0.2.0
ansiblePyPI
< 1.9.6.11.9.6.1

Affected products

13

Patches

Vulnerability mechanics

References

19

News mentions

0

No linked articles in our index yet.