Sha256: 0b702b77dd298e041d8a322f3dc16ff691d1d59a4540d98db759f19116b0a521
Contents?: true
Size: 570 Bytes
Versions: 1
Compression:
Stored size: 570 Bytes
Contents
--- gem: smart_proxy_dynflow cve: 2018-14643 url: https://github.com/theforeman/smart_proxy_dynflow/pull/54 date: 2018-09-14 title: smart_proxy_dynflow gem authentication bypass in Foreman remote execution feature description: | An authentication bypass flaw was found in the smart_proxy_dynflow component used by Foreman. A malicious attacker can use this flaw to remotely execute arbitrary commands on machines managed by vulnerable Foreman instances, in a highly privileged context. cvss_v3: 9.8 cvss_v2: 10.0 patched_versions: - ~> 0.1.11 - ">= 0.2.1"
Version data entries
1 entries across 1 versions & 1 rubygems
| Version | Path |
|---|---|
| bundler-audit-0.7.0.1 | data/ruby-advisory-db/gems/smart_proxy_dynflow/CVE-2018-14643.yml |