CVE-2011-4953

2014-10-27T01:55:00
ID CVE-2011-4953
Type cve
Reporter secalert@redhat.com
Modified 2014-10-29T01:17:00

Description

The set_mgmt_parameters function in item.py in cobbler before 2.2.2 allows context-dependent attackers to execute arbitrary code via vectors related to the use of the yaml.load function instead of the yaml.safe_load function, as demonstrated using Puppet.