CVE-2014-4657: Security fix for safe_eval
The safe_eval function in Ansible does not properly restrict the code subset, which allows remote attackers to execute arbitrary code via crafted instructions.