Novell : Security vulnerabilities, CVEs Code Execution published in August 2013

CVE-2013-3567

Puppet 2.7.x before 2.7.22 and 3.2.x before 3.2.2, and Puppet Enterprise before 2.8.2, deserializes untrusted YAML, which allows remote attackers to instantiate arbitrary Ruby classes and execute arbitrary code via a crafted REST API call.

Max CVSS

7.5

EPSS Score

20.86%

Published

2013-08-19

Updated

2019-07-10

1 vulnerabilities found

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!

Accept Close

Novell : Security Vulnerabilities, CVEs, Published In August 2013 (Code Execution)

CVE-2013-3567