The previous version of Puppet Enterprise 2018.1 is vulnerable to unsafe code execution when upgrading pe-razor-server. Affected releases are Puppet Enterprise: 2018.1.x versions prior to 2018.1.1 and razor-server and pe-razor-server prior to 1.9.0.0.
[
{
"product": "Puppet Enterprise 2018.1.x prior to 2018.1.1, razor-server and pe-razor-server prior to 1.9.0.0",
"vendor": "Puppet",
"versions": [
{
"status": "affected",
"version": "2018.1.0, prior to 1.9.0.0"
}
]
}
]