Filter
Versions
2.5.1
19
3.0.0
17
2.0.0
16
2.5.2
15
2.8.0
15
2.8.1
14
2.8.2
13
1.2.0
12
2.8.3
11
1.2.1
8
1.2.2
8
1.2.3
8
2.0.1
8
2.0.2
8
1.2.4
7
3.1.0
7
2.7.0
6
2017.1.0
6
2.5.0
5
2015.2.0
5
2017.1.1
5
2018.1.0
5
1.0
4
1.1
4
2.7.1
4
2016.5.1
4
3.8.0
4
2015.3.0
3
2015.3.2
3
2015.3.3
3
2016.1.1
3
2016.2.0
3
2016.4.0
3
2016.5.2
3
2017.3.0
3
2023.0
3
3.0.1
3
3.7.0
3
2015.2.1
2
2015.2.2
2
2015.2.3
2
2016.1.2
2
2016.2.1
2
2017.2.1
2
2019.0
2
2021.0.0
2
3.1.1
2
3.7.2
2
2.0.3
1
2.6.0
1
2.7.2
1
2.8.4
1
2.8.5
1
2.8.6
1
2.8.8
1
2015.3.1
1
2016.4.14
1
2016.4.3
1
2017.2.3
1
2017.3.2
1
2017.3.9
1
2018.1.3
1
2021.7.0
1
2021.7.1
1
2021.7.3
1
2023.1.0
1
3.1
1
3.2.0
1
3.8.1
1
3.8.2
1
3.8.6
1
CVE-2023-5309Broken Session Management in Puppet Enterprise
9.8
First published (updated )
Puppet Puppet EnterpriseA privilege escalation allowing remote code execution was discovered in the orchestration service.
9.8
First published (updated )
Puppet Puppet EnterpriseA Regular Expression Denial of Service (ReDoS) issue was discovered in Puppet Server 7.9.2 certifica…
5.3
First published (updated )
Puppet Puppet AgentA flaw was discovered in Puppet Agent and Puppet Server that may result in a leak of HTTP credential…
9.8
First published (updated )
Puppet Puppet AgentA flaw was discovered in Puppet Agent where the agent may silently ignore Augeas settings or may be …
6.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Puppet PuppetA flaw was divered in Puppet Enterprise and other Puppet products where sensitive plan parameters ma…
4.4
First published (updated )
Puppet PuppetA flaw was discovered in bolt-server and ace where running a task with sensitive parameters results …
4.9
First published (updated )
Puppet PuppetdbPuppetDB logging included potentially sensitive system information.
4.3
First published (updated )
Puppet Puppet EnterprisePuppet Enterprise presented a security risk by not sanitizing user input when doing a CSV export.
8.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Puppet Puppet EnterpriseThe express install, which is the suggested way to install Puppet Enterprise, gives the user a URL a…
9.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Puppet Puppet EnterpriseWhen users are configured to use startTLS with RBAC LDAP, at login time, the user's credentials are …
9.8
First published (updated )
Puppet PuppetPuppet Enterprise 2016.4.x prior to 2016.4.12, Puppet Enterprise 2017.3.x prior to 2017.3.7, Puppet …
8.8
First published (updated )
Puppet Puppet EnterpriseXSS Vulnerability in Puppet Enterprise Console
5.4
First published (updated )
Puppet Puppet EnterpriseXSS Vulnerability in Puppet Enterprise Console
5.4
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
redhat/puppet-agentIn previous versions of Puppet Agent it was possible for the agent to retrieve facts from an environ…
6.5
First published (updated )
Puppet Puppet EnterprisePuppet Enterprise 2017.3.x prior to 2017.3.3 are vulnerable to a remote execution bug when a special…
8
First published (updated )
Puppet Puppet EnterpriseVersions of Puppet Enterprise prior to 2016.4.5 or 2017.2.1 shipped with an MCollective configuratio…
5.5
First published (updated )
Puppet Puppet EnterprisePuppet Enterprise versions prior to 2016.4.5 and 2017.2.1 did not correctly authenticate users befor…
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Puppet Puppet EnterprisePuppet Enterprise 3.7.x and 3.8.0 might allow remote authenticated users to manage certificates for …
6.8
First published (updated )
Puppet Puppet EnterprisePuppet Enterprise 2015.3.3 and 2016.x before 2016.4.0, and Puppet Agent 1.3.6 through 1.7.0 allow re…
7.2
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.