Miggo Logo

CVE-2017-10689: Tarball permission preservation in puppet

5.5

CVSS Score
3.0

Basic Information

EPSS Score
0.26976%
Published
5/13/2022
Updated
1/27/2023
KEV Status
No
Technology
TechnologyRuby

Technical Details

CVSS Vector
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Package NameEcosystemVulnerable VersionsFirst Patched Version
puppetrubygems< 4.10.104.10.10
puppetrubygems>= 5.0.0, < 5.3.45.3.4

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis:
In progress

WAF Protection Rules

WAF Rule

W**n inst*llin* * mo*ul* usin* t** syst*m t*r, t** PMT will *ilt*r *il*syst*m p*rmissions to * s*n* v*lu*. T*is m*y just ** **s** on t** us*r's um*sk. W**n usin* minit*r, *il*s *r* unp**k** wit* w**t*v*r p*rmissions *r* in t** t*r**ll. T*is is pot*n

Reasoning

No *n*lysis *v*il**l*