Filter
AND
-Infinity
0

Trending

Last week
Last month
Last year

PuppetDeserialization of untrusted data

medium
6.6
First published (updated )
CVE-2021-27017

redhat/puppet-serverA Regular Expression Denial of Service (ReDoS) issue was discovered in Puppet Server 7.9.2 certifica…

medium
5.3
First published (updated )
CVE-2023-1894

PuppetA flaw was discovered in Puppet Agent where the agent may silently ignore Augeas settings or may be …

medium
6.5
First published (updated )
CVE-2021-27025

PuppetA flaw was divered in Puppet Enterprise and other Puppet products where sensitive plan parameters ma…

medium
4.4
First published (updated )
CVE-2021-27026

PuppetA flaw was discovered in bolt-server and ace where running a task with sensitive parameters results …

medium
4.9
First published (updated )
CVE-2021-27022

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Puppet PuppetDBPuppetDB logging included potentially sensitive system information.

medium
4.3
First published (updated )
CVE-2021-27019

Puppet Continuous DeliveryLocal registry credentials were included directly in the CD4PE deployment definition, which could ex…

medium
5.5
First published (updated )
CVE-2020-7945

PuppetA flaw was found in Puppet, where changes in the application lead to node declarations having increa…

medium
6.5
First published (updated )
CVE-2020-7942

redhat/puppet-agentPrevious versions of Puppet Agent didn't verify the peer in the SSL connection prior to downloading …

medium
5.4
First published (updated )
CVE-2018-11751

Puppet Continuous DeliveryWhen using the cd4pe::root_configuration task to configure a Continuous Delivery for PE installation…

medium
6.5
First published (updated )
CVE-2019-10695

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Puppet EnterpriseXSS

medium
6.1
First published (updated )
CVE-2013-4968

RubyInput Validation

medium
5.9
First published (updated )
CVE-2015-1855

Puppet Cisco IOSPrevious releases of the Puppet cisco_ios module output SSH session debug information including logi…

medium
5.5
First published (updated )
CVE-2018-11752

Puppet Cisco IOSInput Validation

medium
6.5
First published (updated )
CVE-2018-11750

Puppet EnterpriseXSS Vulnerability in Puppet Enterprise Console

medium
5.4
First published (updated )
CVE-2018-6510

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Puppet EnterpriseXSS Vulnerability in Puppet Enterprise Console

medium
5.4
First published (updated )
CVE-2018-6511

redhat/puppet-agentIn previous versions of Puppet Agent it was possible for the agent to retrieve facts from an environ…

medium
6.5
First published (updated )
CVE-2017-10690

redhat/puppetLast updated 24 July 2024

medium
5.5
First published (updated )
CVE-2017-10689

Puppet EnterpriseVersions of Puppet Enterprise prior to 2016.4.5 or 2017.2.1 shipped with an MCollective configuratio…

medium
5.5
First published (updated )
CVE-2017-2293

Puppet EnterpriseInput Validation

medium
6.5
First published (updated )
CVE-2017-2296

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Puppet EnterprisePuppet Enterprise 3.7.x and 3.8.0 might allow remote authenticated users to manage certificates for …

medium
6.8
First published (updated )
CVE-2015-4100

Puppet EnterpriseInfoleak

medium
6.5
First published (updated )
CVE-2015-8470

Puppet EnterpriseXSS

medium
6.1
First published (updated )
CVE-2015-6502

Puppet MCollective SSHKey Security PuppetInput Validation

medium
6.5
First published (updated )
CVE-2017-2298

Puppet EnterpriseThe Puppet Communications Protocol in Puppet Enterprise 2015.3.x before 2015.3.3 does not properly v…

medium
5.3
First published (updated )
CVE-2016-2787

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Puppet EnterpriseInput Validation

medium
5.3
First published (updated )
CVE-2016-9686

Puppet EnterpriseOpen redirect vulnerability in the Console in Puppet Enterprise before 2015.2.1 allows remote attack…

medium
6.1
First published (updated )
CVE-2015-6501

Puppet EnterpriseOpen redirect vulnerability in the Console in Puppet Enterprise 2015.x and 2016.x before 2016.4.0 al…

medium
6.1
First published (updated )
CVE-2016-5715

Puppet EnterpriseInfoleak

medium
4.7
First published (updated )
CVE-2015-7328

Puppet stdlibThe puppetlabs-stdlib module 2.1 through 3.0 and 4.1.0 through 4.5.x before 4.5.1 for Puppet 2.8.8 a…

medium
6.5
First published (updated )
CVE-2015-1029

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203