CVE Daily – Chef InSpec https://cvedaily.com/pages/tags/chef-inspec.html CVE Daily – Chef InSpec en Wed, 03 Jun 2026 21:27:00 +0000 [Medium] CVE-2025-6723 – Chef InSpec versions up to 5.23 and before 7.0.107 creates named pipes with over... https://nvd.nist.gov/vuln/detail/CVE-2025-6723 https://nvd.nist.gov/vuln/detail/CVE-2025-6723 Fri, 30 Jan 2026 14:16:06 +0000 Medium CVE-2025-6723

Chef InSpec versions up to 5.23 and before 7.0.107 creates named pipes with overly permissive default Windows access controls. A local attacker may interfere with the pipe connection process and exploit the insufficient access restrictions to assume the InSpec execution context, potentially resulting in elevated privileges or operational disruption. This issue affects Chef Inspec: through 5.23 a…

CVSS: 5.8 · CWE: CWE-269

View on NVD

]]> [High] CVE-2023-42658 – Archive command in Chef InSpec prior to 4.56.58 and 5.22.29 allow local command ... https://nvd.nist.gov/vuln/detail/CVE-2023-42658 https://nvd.nist.gov/vuln/detail/CVE-2023-42658 Tue, 31 Oct 2023 15:15:09 +0000 High CVE-2023-42658

Archive command in Chef InSpec prior to 4.56.58 and 5.22.29 allow local command execution via maliciously crafted profile.

CVSS: 8.8 · CWE: CWE-94

View on NVD

]]>