Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2013-3567

Опубликовано: 19 авг. 2013
Источник: debian
EPSS Средний

Описание

Puppet 2.7.x before 2.7.22 and 3.2.x before 3.2.2, and Puppet Enterprise before 2.8.2, deserializes untrusted YAML, which allows remote attackers to instantiate arbitrary Ruby classes and execute arbitrary code via a crafted REST API call.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
puppetfixed3.2.2-1package

EPSS

Процентиль: 93%
0.11139
Средний

Связанные уязвимости

ubuntu логотип

CVE-2013-3567

ubuntu
больше 12 лет назад

Puppet 2.7.x before 2.7.22 and 3.2.x before 3.2.2, and Puppet Enterprise before 2.8.2, deserializes untrusted YAML, which allows remote attackers to instantiate arbitrary Ruby classes and execute arbitrary code via a crafted REST API call.

redhat логотип

CVE-2013-3567

redhat
больше 12 лет назад

Puppet 2.7.x before 2.7.22 and 3.2.x before 3.2.2, and Puppet Enterprise before 2.8.2, deserializes untrusted YAML, which allows remote attackers to instantiate arbitrary Ruby classes and execute arbitrary code via a crafted REST API call.

nvd логотип

CVE-2013-3567

nvd
больше 12 лет назад

Puppet 2.7.x before 2.7.22 and 3.2.x before 3.2.2, and Puppet Enterprise before 2.8.2, deserializes untrusted YAML, which allows remote attackers to instantiate arbitrary Ruby classes and execute arbitrary code via a crafted REST API call.

github логотип

GHSA-f7p5-w2cr-7cp7

github
больше 8 лет назад

Puppet Improper Input Validation vulnerability

suse-cvrf логотип

SUSE-RU-2015:0696-1

suse-cvrf
больше 11 лет назад

Security update for puppet

EPSS

Процентиль: 93%
0.11139
Средний