CVE-2013-4957
The CVE affects Puppet Enterprise prior to 3.0.1, where the dashboard report handling allows an attacker to execute arbitrary YAML code through a crafted report-specific type. The root cause is processing of the report-specific type in the dashboard/report generation flow, enabling code execution...