10 matches found
EUVD-2013-4803
Malware in sbrugna...
EUVD-2016-3859
Malware in sbrugna...
EUVD-2015-4125
Malware in sbrugna...
CVE-2025-5459
A user with specific node group editing permissions and a specially crafted class parameter could be used to execute commands as root on the primary host. It affects Puppet Enterprise versions 2018.1.8 through 2023.8.3 and 2025.3 and has been resolved in versions 2023.8.4 and 2025.4.0...
CVE-2025-5459 OS Command Injection
A user with specific node group editing permissions and a specially crafted class parameter could be used to execute commands as root on the primary host. It affects Puppet Enterprise versions 2018.1.8 through 2023.8.3 and 2025.3 and has been resolved in versions 2023.8.4 and 2025.4.0...
CVE-2025-5459 OS Command Injection
A user with specific node group editing permissions and a specially crafted class parameter could be used to execute commands as root on the primary host. It affects Puppet Enterprise versions 2018.1.8 through 2023.8.3 and 2025.3 and has been resolved in versions 2023.8.4 and 2025.4.0...
PT-2025-26943 · Puppet · Puppet Enterprise
Name of the Vulnerable Software and Affected Versions: Puppet Enterprise versions 2018.1.8 through 2023.8.3 Puppet Enterprise version 2025.3 Description: A user with specific node group editing permissions and a specially crafted class parameter could execute commands as root on the primary host...
CVE-2021-27024
A flaw was discovered in Continuous Delivery for Puppet Enterprise CD4PE that results in a user with lower privileges being able to access a Puppet Enterprise API token. This issue is resolved in CD4PE 4.10.0...
Puppet 安全漏洞
Puppet is a set of configuration management tools based on the client/server C/S architecture from Puppet Labs in the United States, which can be used to manage configuration files, users, cron tasks, packages, system services, etc. Puppet Agent is a Puppet agent end-program. A security...
Puppet 日志信息泄露漏洞
Puppet is a set of configuration management tools based on client/server C/S architecture from Puppet Labs in the United States, which can be used to manage profiles, users, cron tasks, packages, system services, etc. There is a security vulnerability in Puppet Enterprise. No information about th...