CVE-2023-5764 Information

Description

A template injection flaw was found in Ansible where a user’s controller internal templating operations may remove the unsafe designation from template data. This issue could allow an attacker to use a specially crafted file to introduce code injection when supplying templating data.

Reference

https://access.redhat.com/security/cve/CVE-2023-5764 https://bugzilla.redhat.com/show_bug.cgi?id=2247629 https://access.redhat.com/errata/RHSA-2023:7773