=3.0.0, <3.2.2

Snyk CVSS

Attack Complexity Low

Threat Intelligence

EPSS 20.86% (97^th percentile)

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications

Snyk ID SNYK-RUBY-PUPPET-20325
published 28 Feb 2017
disclosed 28 Feb 2013
credit Puppet Labs

Report a new vulnerability Found a mistake?

Introduced: 28 Feb 2013

CVE-2013-3567 Open this link in a new tab CWE-94 Open this link in a new tab

Overview

When making REST api calls, the puppet master takes YAML from an untrusted client, deserializes it, and then calls methods on the resulting object. An attacker may take advantage of this to craft a YAML payload that will cause the deserialization to construct an instance of any class in the ruby process and execute code from the payload.

References

https://github.com/puppetlabs/puppet/commit/5926d1a117a5a14a39c57754ae123f48168798d1
https://github.com/puppetlabs/puppet/commit/79b875e941e24e6e28c594e2d102263ce63f1b9d
https://github.com/puppetlabs/puppet/commit/b01c7287ac0b9ada04f5516afb49a81eac018130
https://github.com/puppetlabs/puppet/commit/cb607d950b4841b956f977b32cb255c595a7b728
https://github.com/puppetlabs/puppet/commit/ce50d4ab992efdd1edd138d2a0eb6987213dcad1
https://github.com/advisories/GHSA-f7p5-w2cr-7cp7
https://web.archive.org/web/20221205043307/https://puppet.com/security/cve/cve-2013-3567/