CNNVD-202509-4405 Information
Sep 29, 2025
cve
CNNVD ID
CNNVD-202509-4405
Related CVE
- CNNVD Published: 2025-09-29
Description (Chinese)
Chef Software Chef Automate是Chef Software公司的一种自动化平台,用于自动化和管理基础设施、应用程序和合规性,以帮助组织实现持续交付、自动化操作和安全合规性。 Chef Software Chef Automate 4.13.295之前版本存在SQL注入漏洞,该漏洞源于输入中和不当,可能导致SQL注入攻击。
Description (English)
Chef Software Chef Automate is an automated platform for Chef Software to automate and manage infrastructure, applications and compliance to help organizations achieve continuous delivery, automation and security compliance. Chef Software Chef Automate 4.13,295 had an injection loophole in the SQL, which originated from the inaccuracy of the input and could lead to an attack by SQL.
Hazard Level
Medium
Vulnerability Type
SQL注入
Affected Vendor
Chef Software
Published
2025-09-29
Last Modified
2026-02-24
References
https://docs.chef.io/release_notes_automate/#4.13.295
Patch
https://docs.chef.io/release_notes_automate/#4.13.295
Share on: