CVE Vulnerabilities

CVE-2022-25350

Published: Jan 26, 2023 | Modified: Nov 07, 2023
CVSS 3.x
7.8
HIGH
Source:
NVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu

All versions of the package puppet-facter are vulnerable to Command Injection via the getFact function due to improper input sanitization.

Affected Software

Name Vendor Start Version End Version
Puppet-facter Helecloud * *

References