We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.
Please see our statement on Data Privacy.
A template injection flaw was found in Ansible where a user's controller internal templating operations may remove the unsafe designation from template data. This issue could allow an attacker to use a specially crafted file to introduce templating injection when supplying templating data.
Reserved 2023-10-25 | Published 2023-12-12 | Updated 2024-11-23 | Assigner redhatImproper Neutralization of Special Elements Used in a Template Engine
2023-11-02: | Reported to Red Hat. |
2023-11-02: | Made public. |
access.redhat.com/errata/RHSA-2023:7773 (RHSA-2023:7773)
access.redhat.com/security/cve/CVE-2023-5764
bugzilla.redhat.com/show_bug.cgi?id=2247629 (RHBZ#2247629)
Support options