In ansible it was found that inventory variables are loaded from current working directory when running ad-hoc command which are under attacker's control, allowing to run arbitrary code as a result.
https://usn.ubuntu.com/4072-1/
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10874
https://access.redhat.com/errata/RHSA-2019:0054
https://access.redhat.com/errata/RHSA-2018:2585
https://access.redhat.com/errata/RHSA-2018:2321
https://access.redhat.com/errata/RHSA-2018:2166
https://access.redhat.com/errata/RHSA-2018:2152
https://access.redhat.com/errata/RHSA-2018:2151
https://access.redhat.com/errata/RHSA-2018:2150