MGASA-2014-0350

Advisory lineage Upstream: 3 Downstream: 0

Upstream

CVE-2014-4678 CVE-2014-4966 CVE-2014-4967

Published: 25 Aug 2014, 08:44

Last modified:16 Apr 2026, 06:25

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

25 Aug 2014, 08:44

Published

Vulnerability first disclosed

16 Apr 2026, 06:25

Last Modified

Vulnerability information updated

Description

Updated ansible package fixes multiple security issues Updated ansible package fixes security vulnerabilities: The Ansible platform before version 1.6.7 suffers from input sanitization errors that allow arbitrary code execution as well as information leak, in case an attacker is able to control certain playbook variables (CVE-2014-4678, CVE-2014-4966, CVE-2014-4967). The ansible package has been updated to version 1.6.8, which fixes these issues and several other bugs.

Affected Systems

mageia•ansible
< 1.6.10-1.mga4

MGASA-2014-0350

Vulnerability Summary

Timeline

Description

Affected Systems

References (7)