Filter
Software
puppet puppet enterprise
88
puppet puppet
43
puppetlabs puppet
31
puppet puppet agent
8
puppet puppet server
7
puppetlabs puppet enterprise users
7
puppet continuous delivery
4
puppet marionette collective
3
puppet puppetdb
3
puppet puppetlabs-mysql
3
puppet discovery
2
puppet facter
2
puppetlabs facter
2
puppet bolt
1
puppet chloride
1
puppet cisco ios
1
puppet cisco ios module
1
puppet device manager
1
puppet firewall
1
puppet hiera
1
puppet mcollective
1
puppet mcollective-puppet-agent
1
puppet mcollective-sshkey-security
1
puppet pe-razor-server
1
puppet puppet connect
1
puppet puppet dashboard
1
puppet puppet enterprise client tools
1
puppet puppetlabs-apache
1
puppet razor-server
1
puppet remediate
1
puppet stdlib
1
puppetlabs mcollective
1
puppetlabs puppet enterprise
1
CVE-2023-5309Broken Session Management in Puppet Enterprise
9.8
First published (updated )
Puppet Puppet ServerDenial of Service for Revocation of Auto Renewed Certificates
7.5
First published (updated )
Puppet Puppet EnterpriseA privilege escalation allowing remote code execution was discovered in the orchestration service.
9.8
First published (updated )
Puppet Puppet EnterpriseA Regular Expression Denial of Service (ReDoS) issue was discovered in Puppet Server 7.9.2 certifica…
5.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Puppet Puppetlabs-mysqlPuppetlabs-mysql Command Injection
8.8
First published (updated )
Fedoraproject FedoraPuppetlabs-apt Command Injection
9.8
First published (updated )
Puppet FirewallPuppet Firewall Module May Leave Unmanaged Rules
9.8
First published (updated )
Puppet Puppet AgentA flaw was discovered in Puppet Agent and Puppet Server that may result in a leak of HTTP credential…
9.8
First published (updated )
Puppet Puppet AgentA flaw was discovered in Puppet Agent where the agent may silently ignore Augeas settings or may be …
6.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Puppet PuppetA flaw was divered in Puppet Enterprise and other Puppet products where sensitive plan parameters ma…
4.4
First published (updated )
Puppet Continuous DeliveryA flaw was discovered in Continuous Delivery for Puppet Enterprise (CD4PE) that results in a user wi…
8.1
First published (updated )
Puppet PuppetA flaw was discovered in bolt-server and ace where running a task with sensitive parameters results …
4.9
First published (updated )
Puppet RemediateThe mechanism which performs certificate validation was discovered to have a flaw that resulted in c…
7.5
First published (updated )
Puppet PuppetdbPuppetDB logging included potentially sensitive system information.
4.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Puppet Puppet EnterprisePuppet Enterprise presented a security risk by not sanitizing user input when doing a CSV export.
8.8
First published (updated )
Puppet Continuous DeliveryLocal registry credentials were included directly in the CD4PE deployment definition, which could ex…
5.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
redhat/puppet-agentA flaw was found in Puppet, where changes in the application lead to node declarations having increa…
6.5
First published (updated )
Redhat Openshiftmcollective has a default password set at install
9.8
First published (updated )
redhat/puppet-agentPrevious versions of Puppet Agent didn't verify the peer in the SSL connection prior to downloading …
5.4
First published (updated )
Puppet Continuous DeliveryWhen using the cd4pe::root_configuration task to configure a Continuous Delivery for PE installation…
6.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Puppet Puppet EnterpriseThe express install, which is the suggested way to install Puppet Enterprise, gives the user a URL a…
9.8
First published (updated )
Puppet DiscoveryPreviously, Puppet Discovery was shipped with a default generated TLS certificate in the nginx conta…
9.8
First published (updated )
Puppet ChloridePrior to version 0.3.0, chloride's use of net-ssh resulted in host fingerprints for previously unkno…
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.