CVE-2023-0118

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2023-0118
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-0118.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2023-0118
Downstream
Withdrawn
2026-05-04T08:39:27.553798Z
Published
2023-09-20T14:15:12.827Z
Modified
2026-05-04T08:39:27.553798Z
Severity
  • 9.1 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

An arbitrary code execution flaw was found in Foreman. This flaw allows an admin user to bypass safe mode in templates and execute arbitrary code on the underlying operating system.

References

Affected packages

Git /

Affected ranges

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-0118.json"
unresolved_ranges 
[
    {
        "events": [
            {
                "introduced": "6.13"
            },
            {
                "fixed": "6.13.3"
            }
        ]
    }
]