Max CVSS | 7.5 | Min CVSS | 7.5 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2017-2292 | 7.5 |
Versions of MCollective prior to 2.10.4 deserialized YAML from agents without calling safe_load, allowing the potential for arbitrary code execution on the server. The fix for this is to call YAML.safe_load on input. This has been tested in all Puppe
|
06-09-2017 - 01:29 | 30-06-2017 - 20:29 |