Filters

Software

puppet puppet enterprise
9
puppet puppet agent
4
puppet discovery
2
puppet marionette collective
2
puppet puppet
2
puppet puppet server
2
puppet puppetlabs-mysql
2
puppet bolt
1
puppet firewall
1
puppet mcollective
1
puppet mcollective-puppet-agent
1
puppet pe-razor-server
1
puppet razor-server
1

Puppet Puppet EnterpriseBroken Session Management in Puppet Enterprise

critical
9.8
First published (updated )
CVE-2023-5309

Puppet Bolt- Privilege Escalation in Puppet Bolt

critical
9.8
First published (updated )
CVE-2023-5214

Puppet Puppet EnterpriseA privilege escalation allowing remote code execution was discovered in the orchestration service.

critical
9.8
First published (updated )
CVE-2023-2530

Fedoraproject FedoraPuppetlabs-apt Command Injection

critical
9.8
First published (updated )
CVE-2022-3275

Puppet FirewallPuppet Firewall Module May Leave Unmanaged Rules

critical
9.8
First published (updated )
CVE-2022-0675

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Puppet Puppet AgentA flaw was discovered in Puppet Agent and Puppet Server that may result in a leak of HTTP credential…

critical
9.8
First published (updated )
CVE-2021-27023

Redhat Openshiftmcollective has a default password set at install

critical
9.8
First published (updated )
CVE-2014-0175

Puppet Puppet EnterpriseThe express install, which is the suggested way to install Puppet Enterprise, gives the user a URL a…

critical
9.8
First published (updated )
CVE-2019-10694

Puppet DiscoveryPreviously, Puppet Discovery was shipped with a default generated TLS certificate in the nginx conta…

critical
9.8
First published (updated )
CVE-2018-11747

Puppet Puppet EnterpriseWhen users are configured to use startTLS with RBAC LDAP, at login time, the user's credentials are …

critical
9.8
First published (updated )
CVE-2018-11749

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Puppet DiscoveryPuppet Discovery can leak authentication information

critical
9.8
First published (updated )
CVE-2018-11746

Puppet Pe-razor-serverCode Injection

critical
9.8
First published (updated )
CVE-2018-6512

Puppet Puppetlabs-mysqlpuppetlabs-mysql 3.1.0 through 3.6.0 allow remote attackers to bypass authentication by leveraging c…

critical
9.8
First published (updated )
CVE-2015-7224

Puppet Puppet AgentCode Injection

critical
9.8
First published (updated )
CVE-2016-5713

Puppet McollectiveVersions of MCollective prior to 2.10.4 deserialized YAML from agents without calling safe_load, all…

critical
9
First published (updated )
CVE-2017-2292

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Puppet Mcollective-puppet-agentOn Windows installations of the mcollective-puppet-agent plugin, version 1.12.0, a non-administrator…

critical
9
First published (updated )
CVE-2017-2290

Puppet Marionette CollectiveMCollective 2.7.0 and 2.8.x before 2.8.9, as used in Puppet Enterprise, allows remote attackers to e…

critical
9.8
First published (updated )
CVE-2016-2788

Puppet Puppet AgentInput Validation

critical
9.8
First published (updated )
CVE-2016-2786

Puppet PuppetPuppet Server before 2.3.2 and Ruby puppetmaster in Puppet 4.x before 4.4.2 and in Puppet Agent befo…

critical
9.8
First published (updated )
CVE-2016-2785

Puppet PuppetThe (1) template and (2) inline_template functions in the master server in Puppet before 2.6.18, 2.7…

critical
9
First published (updated )
CVE-2013-1640

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203