VYPR
High severity7.8NVD Advisory· Published Jul 13, 2018· Updated Jun 17, 2026

CVE-2018-10875

CVE-2018-10875

Description

A flaw was found in ansible. ansible.cfg is read from the current working directory which can be altered to make it point to a plugin or a module path under the control of an attacker, thus allowing the attacker to execute arbitrary code.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
ansiblePyPI
< 2.4.6.02.4.6.0
ansiblePyPI
>= 2.5.0a1, < 2.5.62.5.6
ansiblePyPI
>= 2.6.0a1, < 2.6.12.6.1

Affected products

149

Patches

Vulnerability mechanics

References

25

News mentions

0

No linked articles in our index yet.