CVE-2015-6240: Possible escape from confined environment

June 7, 2017 (updated September 16, 2019)

Improprer symlink handling in zone, jail, and chroot connection plugins could lead to escape from confined environment. File copying is not performed by code that is operating within the restricted environment (chroot, jail, or zone).

References

www.ansible.com/security
github.com/ansible/ansible/blob/devel/CHANGELOG.md
github.com/ansible/ansible/commit/952166f48eb0f5797b75b160fd156bbe1e8fc647
github.com/ansible/ansible/commit/ca2f2c4ebd7b5e097eab0a710f79c1f63badf95b

Code Behaviors & Features

Detect and mitigate CVE-2015-6240 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →