Chef Automate
Approved changes feed: RSS · Atom
cpe:2.3:a:progress_software_corporation:chef_automate:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Progress Software Corporation (936a4410-8e02-5d5c-938a-4a1509e8d7ef) |
|---|---|
| Product | Chef Automate (e0ae9259-e1e2-5f0c-8110-8336330f1752) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2023-40050 |
vulnerable | 2026-06-08 06:09:41.119820 |
Automate Vulnerable to Malicious Content Uploaded Through Embedded Compliance Application
CRITICAL (9.9)
Upload profile either
through API or user interface in Chef Automate prior to and including version 4.10.29 using InSpec
check command with maliciously crafted profile allows remote code execution.
Published: 2023-10-31T14:07:59.881Z
Updated: 2024-09-06T15:41:14.418Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.