exploitDog

GHSA-x626-c49h-fr9m

Опубликовано: 31 окт. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 8.8

Описание

Archive, check and export commands in Chef InSpec prior to 4.56.58 and 5.22.29 allow local command execution via maliciously crafted profile.

Archive, check and export commands in Chef InSpec prior to 4.56.58 and 5.22.29 allow local command execution via maliciously crafted profile.

Ссылки

EPSS

Процентиль: 35%

0.00147

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-917

CWE-94

Связанные уязвимости

CVE-2023-42658

CVSS3: 8.8

nvd

больше 2 лет назад

Archive command in Chef InSpec prior to 4.56.58 and 5.22.29 allow local command execution via maliciously crafted profile.

EPSS

Процентиль: 35%

0.00147

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-917

CWE-94