EUVD-2023-0468

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2015-1426

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Puppet Labs Facter 1.6.0 through 2.4.0 allows local users to obtains sensitive Amazon EC2 IAM instance metadata by reading a fact for an Amazon EC2 node...

CVE-2022-25350

All versions of the package puppet-facter are vulnerable to Command Injection via the getFact function due to improper input sanitization...

SUSE CVE-2015-1426

Puppet Labs Facter 1.6.0 through 2.4.0 allows local users to obtains sensitive Amazon EC2 IAM instance metadata by reading a fact for an Amazon EC2 node...

Command Injection in puppet-facter

All versions of the package puppet-facter are vulnerable to Command Injection via the getFact function due to improper input sanitization...

GHSA-G5QR-XGG7-8Q2W Command Injection in puppet-facter

All versions of the package puppet-facter are vulnerable to Command Injection via the getFact function due to improper input sanitization...

CVE-2022-25350

All versions of the package puppet-facter are vulnerable to Command Injection via the getFact function due to improper input sanitization...

Command injection

All versions of the package puppet-facter are vulnerable to Command Injection via the getFact function due to improper input sanitization...

node-puppet-facter 安全漏洞

node-puppet-facter is an open source Node.JS module for Facter by OlinData. A security vulnerability exists in puppet-facter that stems from the getFact function not properly cleaning up data data...

CVE-2022-25350

All versions of the package puppet-facter are vulnerable to Command Injection via the getFact function due to improper input sanitization...

CVE-2022-25350

CVE-2022-25350 affects the Node.js module puppet-facter . The vulnerability is a command injection in the getFact function caused by improper input sanitization . It is a local attack with high impact on confidentiality, integrity, and availability (CVSS 3.1 base 7.8). Affected: all versions (no ...

CVE-2022-25350

All versions of the package puppet-facter are vulnerable to Command Injection via the getFact function due to improper input sanitization...

Command Injection

Overview Affected versions of this package are vulnerable to Command Injection via the getFact function due to improper input sanitization. PoC js var root = require"puppet-facter" root.getFact"& touch JHU",function, Remediation There is no fixed version for puppet-facter. References - Vulnerable...

Puppet Labs Facter Information Disclosure Vulnerability

Puppet Labs Facter is a set of configuration management system of Puppet Labs in the United States. The system has to help system administrators automatically configure the relevant software, automatic execution of the update system equipment and other functions. A security vulnerability exists i...

UBUNTU-CVE-2015-1426

Puppet Labs Facter 1.6.0 through 2.4.0 allows local users to obtains sensitive Amazon EC2 IAM instance metadata by reading a fact for an Amazon EC2 node...