Unrated severityNVD Advisory· Published Oct 31, 2023· Updated Sep 6, 2024
InSpec Archive Command Vulnerable to Maliciously Crafted Profile
CVE-2023-42658
Description
Archive command in Chef InSpec prior to 4.56.58 and 5.22.29 allow local command execution via maliciously crafted profile.
Affected products
2- Progress Software Corporation/Chef InSpecv5Range: 4.0.0
Patches
Vulnerability mechanics
References
3- community.progress.com/s/article/Product-Alert-Bulletin-October-2023-CHEF-Inspec-CVE-2023-42658mitrevendor-advisory
- docs.chef.io/inspec/cli/mitrerelease-notes
- docs.chef.io/release_notes_inspec/mitrerelease-notes
News mentions
0No linked articles in our index yet.