CVE-2020-10691

CVE-2020-10691

An archive traversal flaw was found in all ansible-engine versions 2.9.x prior to 2.9.7, when running ansible-galaxy collection install. When extracting a collection .tar.gz file, the directory is created without sanitizing the filename. An attacker could take advantage to overwrite any file within the system.

Source: CVE-2020-10691

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다