0.035 Low
EPSS
Percentile
91.7%
It was found that the “variant” parameter in the TFTP API of Foreman was passed to the eval() function. An attacker could possibly use this flaw to execute arbitrary code with the privileges of the Foreman user.
bugzilla.redhat.com/show_bug.cgi?id=1333378