File tree Expand file tree Collapse file tree 1 file changed +24
-0
lines changed
Expand file tree Collapse file tree 1 file changed +24
-0
lines changed Original file line number Diff line number Diff line change 1+ ---
2+ gem : rubyipmi
3+ cve : 2026-0980
4+ ghsa : hfcp-477w-3wjw
5+ url : https://access.redhat.com/security/cve/CVE-2026-0980
6+ title : rubyipmi is vulnerable to OS Command Injection through
7+ malicious usernames
8+ date : 2026-02-27
9+ description : |
10+ A flaw was found in rubyipmi, a gem used in the Baseboard Management
11+ Controller (BMC) component of Red Hat Satellite. An authenticated
12+ attacker with host creation or update permissions could exploit this
13+ vulnerability by crafting a malicious username for the BMC interface.
14+ This could lead to remote code execution (RCE) on the system.
15+ cvss_v3 : 8.3
16+ patched_versions :
17+ - " >= 0.13.0"
18+ related :
19+ url :
20+ - https://nvd.nist.gov/vuln/detail/CVE-2026-0980
21+ - https://access.redhat.com/security/cve/CVE-2026-0980
22+ - https://bugzilla.redhat.com/show_bug.cgi?id=2429874
23+ - https://github.com/logicminds/rubyipmi/commit/252503a7b4dca68388165883b0322024e344a215
24+ - https://github.com/advisories/GHSA-hfcp-477w-3wjw
You can’t perform that action at this time.
0 commit comments