cve/CVE-2025-5459.md at 7287accf6b3df6d7c9a1c39ba3edb78424a5b645

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-11-30 18:56:19 +00:00

0xMarcio cb00e1339f Update CVE list 2025-09-29 21:09

2025-09-29 21:09:30 +02:00

Description

A user with specific node group editing permissions and a specially crafted class parameter could be used to execute commands as root on the primary host. It affects Puppet Enterprise versions 2018.1.8 through 2023.8.3 and 2025.3 and has been resolved in versions 2023.8.4 and 2025.4.0.

POC

Reference

https://portal.perforce.com/s/detail/a91PA000001SiDdYAK

Github

No PoCs found on GitHub currently.

908 B Raw Blame History

CVE-2025-5459

Description

POC

Reference

Github

908 B

Raw Blame History