The set_mgmt_parameters function in item.py in cobbler prior to 2.2.2 allows context-dependent malicious users to execute arbitrary code via vectors related to the use of the yaml.load function instead of the yaml.safe_load function, as demonstrated using Puppet.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cobbler project cobbler |