Filter
Versions
2.5.1
19
3.0.0
17
2.0.0
16
2.5.2
15
2.8.0
15
2.8.1
14
2.8.2
13
1.2.0
12
2.8.3
11
1.2.1
8
1.2.2
8
1.2.3
8
2.0.1
8
2.0.2
8
1.2.4
7
3.1.0
7
2.7.0
6
2017.1.0
6
2.5.0
5
2015.2.0
5
2017.1.1
5
2018.1.0
5
1.0
4
1.1
4
2.7.1
4
2016.5.1
4
3.8.0
4
2015.3.0
3
2015.3.2
3
2015.3.3
3
2016.1.1
3
2016.2.0
3
2016.4.0
3
2016.5.2
3
2017.3.0
3
2023.0
3
3.0.1
3
3.7.0
3
2015.2.1
2
2015.2.2
2
2015.2.3
2
2016.1.2
2
2016.2.1
2
2017.2.1
2
2019.0
2
2021.0.0
2
3.1.1
2
3.7.2
2
2.0.3
1
2.6.0
1
2.7.2
1
2.8.4
1
2.8.5
1
2.8.6
1
2.8.8
1
2015.3.1
1
2016.4.14
1
2016.4.3
1
2017.2.3
1
2017.3.2
1
2017.3.9
1
2018.1.3
1
2021.7.0
1
2021.7.1
1
2021.7.3
1
2023.1.0
1
3.1
1
3.2.0
1
3.8.1
1
3.8.2
1
3.8.6
1
Puppet Marionette CollectiveMCollective 2.7.0 and 2.8.x before 2.8.9, as used in Puppet Enterprise, allows remote attackers to e…
9.8
First published (updated )
Puppet Puppet AgentA flaw was discovered in Puppet Agent and Puppet Server that may result in a leak of HTTP credential…
9.8
First published (updated )
Puppet Puppet EnterpriseThe express install, which is the suggested way to install Puppet Enterprise, gives the user a URL a…
9.8
First published (updated )
Puppet Puppet EnterpriseWhen users are configured to use startTLS with RBAC LDAP, at login time, the user's credentials are …
9.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Puppet Puppet EnterpriseA privilege escalation allowing remote code execution was discovered in the orchestration service.
9.8
First published (updated )
CVE-2023-5309Broken Session Management in Puppet Enterprise
9.8
First published (updated )
Puppet PuppetThe (1) template and (2) inline_template functions in the master server in Puppet before 2.6.18, 2.7…
First published (updated )
Puppet Puppet EnterprisePuppet Enterprise 2015.3 before 2015.3.1 allows remote attackers to bypass a host whitelist protecti…
8.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Puppet Puppet EnterprisePuppet Enterprise presented a security risk by not sanitizing user input when doing a CSV export.
8.8
First published (updated )
Puppet Puppet EnterpriseThe console in Puppet Enterprise 2015.x and 2016.x prior to 2016.4.0 includes unsafe string reads th…
8.8
First published (updated )
Puppet PuppetPuppet Enterprise 2016.4.x prior to 2016.4.12, Puppet Enterprise 2017.3.x prior to 2017.3.7, Puppet …
8.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Puppet Puppet EnterpriseThe pe_mcollective module in Puppet Enterprise (PE) before 2.7.1 does not properly restrict access t…
8.5
First published (updated )
Puppet Puppet EnterprisePuppet Enterprise 2017.3.x prior to 2017.3.3 are vulnerable to a remote execution bug when a special…
8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Puppet Puppet EnterprisePuppet Enterprise versions prior to 2016.4.5 and 2017.2.1 did not correctly authenticate users befor…
7.5
First published (updated )
Puppet Puppet EnterprisePuppet Enterprise 2015.3.3 and 2016.x before 2016.4.0, and Puppet Agent 1.3.6 through 1.7.0 allow re…
7.2
First published (updated )
Puppet PuppetPuppet before 2.6.18, 2.7.x before 2.7.21, and 3.1.x before 3.1.1, and Puppet Enterprise before 1.2.…
7.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Puppet Puppet EnterprisePuppet Enterprise before 3.0.1 does not use a session timeout, which makes it easier for attackers t…
6.9
First published (updated )
Puppet PuppetThe change_user method in the SUIDManager (lib/puppet/util/suidmanager.rb) in Puppet 2.6.x before 2.…
6.9
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.