VYPR
High severity8.1NVD Advisory· Published Apr 24, 2018· Updated Jun 17, 2026

CVE-2016-9587

CVE-2016-9587

Description

Ansible before versions 2.1.4, 2.2.1 is vulnerable to an improper input validation in Ansible's handling of data sent from client systems. An attacker with control over a client system being managed by Ansible and the ability to send facts back to the Ansible server could use this flaw to execute arbitrary code on the Ansible server using the Ansible server privileges.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
ansiblePyPI
< 2.1.4.02.1.4.0
ansiblePyPI
>= 2.2.0.0, < 2.2.1.02.2.1.0

Affected products

181

Patches

Vulnerability mechanics

References

14

News mentions

0

No linked articles in our index yet.