Back to bug 2162970

Who	When	What	Removed	Added
RaTasha Tillery-Smith	2023-01-24 15:39:43 UTC	CC		security-response-team
		Depends On		2162973
		Depends On		2163524, 2163522, 2163523
		Summary	EMBARGOED Satellite/Foreman: Arbitrary code execution through yaml global parameters	EMBARGOED CVE-2023-0462 Satellite/Foreman: Arbitrary code execution through yaml global parameters
		Alias		CVE-2023-0462
		Doc Text	An arbitrary code execution flaw was found in Foreman. This flaw allows an admin user to execute arbitrary code on the underlying operating system by setting global parameters with a yaml payload.	An arbitrary code execution flaw was found in Foreman. This flaw allows an admin user to execute arbitrary code on the underlying operating system by setting global parameters with a YAML payload.
Red Hat Bugzilla	2023-03-02 08:28:30 UTC	CC	myarboro
Ron Lavi	2023-03-22 17:11:14 UTC	CC		myarboro
		Summary	EMBARGOED CVE-2023-0462 Satellite/Foreman: Arbitrary code execution through yaml global parameters	CVE-2023-0462 Satellite/Foreman: Arbitrary code execution through yaml global parameters
		Deadline	2023-03-21
		Group	security, qe_staff
		CC		rlavi
		Link ID		Foreman Issue Tracker 36219
		Doc Type	---	If docs needed, set a value
Paige Jung	2023-03-22 17:24:43 UTC	Doc Text	An arbitrary code execution flaw was found in Foreman. This flaw allows an admin user to execute arbitrary code on the underlying operating system by setting global parameters with a YAML payload.	An arbitrary code execution flaw was found in Foreman. This issue may allow an admin user to execute arbitrary code on the underlying operating system by setting global parameters with a YAML payload.
Red Hat Bugzilla	2023-05-15 20:19:06 UTC	CC	btotty
Red Hat Bugzilla	2023-07-07 08:35:46 UTC	Assignee	security-response-team	nobody
		CC	security-response-team
Eric Helms	2023-07-31 15:40:01 UTC	Depends On		2227826

Back to bug 2162970