Puppet Enterprise Security Vulnerabilities
A flaw was discovered in Puppet Agent and Puppet Server that may result in a leak of HTTP credentials when following HTTP redirects to a different host. This is similar to...
9.8CVSS
7.8AI Score
0.002EPSS
A flaw was discovered in Puppet Agent where the agent may silently ignore Augeas settings or may be vulnerable to a Denial of Service condition prior to the first...
6.5CVSS
6.3AI Score
0.001EPSS
A flaw was divered in Puppet Enterprise and other Puppet products where sensitive plan parameters may be...
4.4CVSS
4.7AI Score
0.0004EPSS
A flaw was discovered in bolt-server and ace where running a task with sensitive parameters results in those sensitive parameters being logged when they should not be. This issue only affects SSH/WinRM nodes (inventory service...
4.9CVSS
5AI Score
0.001EPSS
Puppet Enterprise presented a security risk by not sanitizing user input when doing a CSV...
8.8CVSS
8.7AI Score
0.002EPSS
4.3CVSS
4.6AI Score
0.001EPSS
A flaw was discovered in Puppet DB, this flaw results in an escalation of privileges which allows the user to delete tables via an SQL...
8.8CVSS
8.9AI Score
0.001EPSS