CVE-2010-2235: Improper Control of Generation of Code ('Code Injection')
(updated )
CVE-2010-2235 RHN Satellite (cobbler): Code injection flaw (ACE as root) by processing of a specially-crafted kickstart template file
References
- people.fedoraproject.org/~shenson/cobbler/cobbler-2.0.8.tar.gz
- www.redhat.com/support/errata/RHSA-2010-0775.html
- access.redhat.com/errata/RHSA-2010:0775
- access.redhat.com/security/cve/CVE-2010-2235
- bugzilla.redhat.com/show_bug.cgi?id=607662
- github.com/advisories/GHSA-jhm7-38xj-pvm8
- nvd.nist.gov/vuln/detail/CVE-2010-2235
Code Behaviors & Features
Detect and mitigate CVE-2010-2235 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →