VYPR

Inspec

by RubyGems

CVEs (2)

  • CVE-2025-6723MedJan 30, 2026
    risk 0.38cvss epss 0.00

    Chef InSpec versions up to 5.23 and before 7.0.107 creates named pipes with overly permissive default Windows access controls. A local attacker may interfere with the pipe connection process and exploit the insufficient access restrictions to assume the InSpec execution context,…

  • CVE-2023-42658Oct 31, 2023
    risk 0.00cvss epss 0.00

    Archive command in Chef InSpec prior to 4.56.58 and 5.22.29 allow local command execution via maliciously crafted profile.