← Back

Crowbar

crowbar

Vendor: Dell • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2012-3551
1Dell
1Crowbar
Apr 29, 2026
Sep 5, 2012
N/A· v4
N/A· v3
4.3 MEDIUM· v2
Cross-site scripting (XSS) vulnerability in crowbar_framework/app/views/support/index.html.haml in the Crowbar barclamp in Crowbar, possibly 1.4 and earlier, allows remote attackers to inject arbitrary web script or HTML...Show more
Cross-site scripting (XSS) vulnerability in crowbar_framework/app/views/support/index.html.haml in the Crowbar barclamp in Crowbar, possibly 1.4 and earlier, allows remote attackers to inject arbitrary web script or HTML via the file parameter to /utils.Show less
CVE-2012-3537
1Dell
1Crowbar
Apr 29, 2026
Sep 5, 2012
N/A· v4
N/A· v3
4.6 MEDIUM· v2
The Crowbar Ohai plugin (chef/cookbooks/ohai/files/default/plugins/crowbar.rb) in the Deployer Barclamp in Crowbar, possibly 1.4 and earlier, allows local users to execute arbitrary shell commands via vectors related to...Show more
The Crowbar Ohai plugin (chef/cookbooks/ohai/files/default/plugins/crowbar.rb) in the Deployer Barclamp in Crowbar, possibly 1.4 and earlier, allows local users to execute arbitrary shell commands via vectors related to "insecure handling of tmp files" and predictable file names.Show less