VYPR

Chef Manage

by Chef

CVEs (2)

  • CVE-2017-7174CriMar 17, 2017
    risk 0.64cvss 9.8epss 0.02

    The user-account creation feature in Chef Manage 2.1.0 through 2.4.4 allows remote attackers to execute arbitrary code. This is fixed in 2.4.5.

  • CVE-2016-4326CriJun 10, 2016
    risk 0.64cvss 9.8epss 0.04

    The Chef Manage (formerly opscode-manage) add-on before 1.12.0 for Chef allows remote attackers to execute arbitrary code via crafted serialized data in a cookie.