CVE-2023-42658 Information

Description

Archive command in Chef InSpec prior to 4.56.58 and 5.22.29 allow local command execution via maliciously crafted profile.

Reference

https://docs.chef.io/inspec/cli/ https://docs.chef.io/release_notes_inspec/ https://community.progress.com/s/article/Product-Alert-Bulletin-October-2023-CHEF-Inspec-CVE-2023-42658