5 matches found
CVE-2022-3874 Os command injection via ct_command and fcct_command
A command injection flaw was found in foreman. This flaw allows an authenticated user with admin privileges on the foreman instance to transpile commands through CoreOS and Fedora CoreOS configurations in templates, possibly resulting in arbitrary command execution on the underlying operating...
CVE-2022-3874 Os command injection via ct_command and fcct_command
A command injection flaw was found in foreman. This flaw allows an authenticated user with admin privileges on the foreman instance to transpile commands through CoreOS and Fedora CoreOS configurations in templates, possibly resulting in arbitrary command execution on the underlying operating...
CVE-2022-3874
CVE-2022-3874 is a command-injection flaw in Foreman where an authenticated admin can trigger OS commands via CoreOS/Fedora CoreOS templates (ct_command and fcct_command). Root cause: command injection in template processing could lead to arbitrary code execution on the host. Exploitation details...
[SECURITY] [DLA 3526-1] libreoffice security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3526-1 [email protected] https://www.debian.org/lts/security/ Bastien Roucariès August 13, 2023 https://wiki.debian.org/LTS -...
CVE-2022-3874
A command injection flaw was found in foreman. This flaw allows an authenticated user with admin privileges on the foreman instance to transpile commands through CoreOS and Fedora CoreOS configurations in templates, possibly resulting in arbitrary command execution on the underlying operating...