An absolute path traversal attack exists in the Ansible automation platform. This flaw allows an attacker to craft a malicious Ansible role and make the victim execute the role. A symlink can be used to overwrite a file outside of the extraction path.
| Package (Ecosystem) | Introduced | Fixed | Limit |
|---|---|---|---|
| ansible(PyPI) | 0 | 8.5.0 | N/A |
CVSS Metrics
