Vulnerabilities (CVE)

Filtered by vendor Chef Subscribe
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2015-8559 1 Chef 1 Chef 2021-06-28 5.0 MEDIUM 7.5 HIGH
The knife bootstrap command in chef Infra client before version 15.4.45 leaks the validator.pem private RSA key to /var/log/messages.
CVE-2016-4326 1 Chef 1 Chef Manage 2016-06-10 7.5 HIGH 9.8 CRITICAL
The Chef Manage (formerly opscode-manage) add-on before 1.12.0 for Chef allows remote attackers to execute arbitrary code via crafted serialized data in a cookie.