2 matches found
Chef Automate < 4.13.295 — SQL Injection
In Progress Chef Automate, versions earlier than 4.13.295, on Linux x86 platform, an authenticated attacker can gain access to Chef Automate restricted functionality in the compliance service via improperly neutralized inputs used in an SQL command using a well-known token. id: CVE-2025-8868 info...
CVE-2025-8868
creationtimestamp| type| source ---|---|--- 2025-09-29 12:39:46+00:00| seen| https://gist.github.com/Darkcrai86/ce36a6f3a7e1de36fcad2b68518a1953 2025-09-30 23:28:17+00:00| seen| https://bsky.app/profile/getpokemon7.bsky.social/post/3m23ohoslm22b 2025-10-06 16:38:53+00:00| confirmed|...