software: puppet 7.25.0
OS: ROSA-CHROME
package_evr_string: puppet-7.25.0-1.src.rpm
CVE-ID: CVE-2021-27021
BDU-ID: 2022-01884
CVE-Crit: HIGH
CVE-DESC.: A vulnerability in the PuppetDB database management system is related to the failure to take measures to protect the SQL query structure. Exploitation of the vulnerability allows an attacker acting remotely to gain access to sensitive data, compromise its integrity, and cause a denial-of-service condition
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update puppet