Lucene search
K

182 matches found

RedHat Linux
RedHat Linux
added 2025/09/03 1:15 p.m.5 views

Moderate: Red Hat Security Advisory: Satellite 6.16.5.3 Async Update

A new release is now available for Red Hat Satellite 6.16 for RHEL 8 and 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

8.7CVSS6.9AI score0.01429EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/09/03 12:0 a.m.5 views

RHEL 8 / 9 : Satellite 6.16.5.3 Async Update (Moderate) (RHSA-2025:15124)

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:15124 advisory. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to...

8.7CVSS7.6AI score0.01429EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2025/08/07 12:0 a.m.3 views

RHEL 9 : Satellite 6.17.3 Async Update (Moderate) (RHSA-2025:13269)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:13269 advisory. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to provide...

8.7CVSS7.6AI score0.01429EPSS
Exploits0References21
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2021-27023

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was discovered in Puppet Agent and Puppet Server that may result in a leak of HTTP credentials when following HTTP redirects to a different host. This is...

9.8CVSS8.1AI score0.01328EPSS
Exploits0References3
NVD
NVD
added 2025/02/07 8:15 p.m.23 views

CVE-2021-27017

Utilization of a module presented a security risk by allowing the deserialization of untrusted/user supplied data. This is resolved in the Puppet Agent 7.4.0 release...

6.6CVSS0.00541EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/02/07 7:28 p.m.17 views

CVE-2021-27017 Deserialization of untrusted data

Utilization of a module presented a security risk by allowing the deserialization of untrusted/user supplied data. This is resolved in the Puppet Agent 7.4.0 release...

6.6CVSS6.9AI score0.00541EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/02/07 7:28 p.m.21 views

CVE-2021-27017 Deserialization of untrusted data

Utilization of a module presented a security risk by allowing the deserialization of untrusted/user supplied data. This is resolved in the Puppet Agent 7.4.0 release...

6.6CVSS0.00541EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/02/07 12:0 a.m.9 views

PT-2025-5996 · Puppet · Puppet Agent

Name of the Vulnerable Software and Affected Versions: Puppet Agent versions prior to 7.4.0 Description: The issue arises from the utilization of a module that presents a security risk by allowing the deserialization of untrusted or user-supplied data. Recommendations: For Puppet Agent versions...

6.6CVSS6.9AI score0.00541EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2024/12/06 12:0 a.m.9 views

The vulnerability of the application for launching Puppet Agent, related to resource management errors, allows a hacker to trigger a service failure.

The vulnerability of the application for launching Puppet Agent is related to resource management errors. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...

6.8CVSS6.5AI score0.01149EPSS
Exploits0References3Affected Software4
BDU FSTEC
BDU FSTEC
added 2024/12/05 12:0 a.m.10 views

The vulnerability of the Puppet infrastructure automation tool and its startup application, Puppet Agent, relates to the insecure transfer of credentials. This allows a malicious individual to access confidential information.

The vulnerability of the Puppet infrastructure automation tool and its startup application, Puppet Agent, is related to the insecure transfer of credentials. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain access to confidential information...

10CVSS7.7AI score0.01328EPSS
Exploits0References3Affected Software3
Redos
Redos
added 2024/12/03 12:0 a.m.19 views

ROS-20241203-23

The vulnerability in the Puppet Agent launcher app is due to the fact that the app silently ignores the settings of the Augeas before the first synchronization of the plugin. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service A vulnerability in...

9.8CVSS7.3AI score0.01328EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2024/04/29 11:1 p.m.108 views

Low: Red Hat Security Advisory: Red Hat Satellite Client bug fix and security update

Updated Satellite Client packages that fixes Low security bugs and regular bugs are now available for Red Hat Satellite. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to provide public Internet access to...

3.7CVSS7AI score0.06208EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2024/04/23 5:29 p.m.66 views

Important: Red Hat Security Advisory: Satellite Client Async Security Update

Updated Satellite Client packages that fixes Important security bugs and regular bugs are now available for Red Hat Satellite. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to provide public Internet acces...

9.8CVSS7.2AI score0.78483EPSS
Exploits6References3
RedHat Linux
RedHat Linux
added 2024/02/13 2:45 p.m.59 views

Important: Red Hat Security Advisory: Satellite 6.14.2 Async Security Update

Updated Satellite 6.14 packages that fixes Important security bugs and several regular bugs are now available for Red Hat Satellite. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to provide public Internet...

9.8CVSS7.2AI score0.78483EPSS
Exploits8References24
Tenable Nessus
Tenable Nessus
added 2023/11/01 12:0 a.m.12 views

Puppet Agent 7.x < 7.4.0 Deserialization Vulnerability

Utilization of a module presented a security risk by allowing the deserialization of untrusted/user supplied data. This is resolved in the Puppet Agent 7.4.0 release. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number...

6.6CVSS6.7AI score0.00541EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/11/01 12:0 a.m.25 views

Puppet Agent < 7.1.0 Vulnerability

Puppet Agent prior to 7.1.0 contain a vulnerable version of OpenSSL. For more information about this vulnerability, refer to the OpenSSL security announcement for CVE-2020-1971. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version...

5.9CVSS7.4AI score0.06968EPSS
Exploits3References2
Tenable Nessus
Tenable Nessus
added 2023/11/01 12:0 a.m.28 views

Puppet Agent 6.x < 6.22.1 / 7.x < 7.6.1. Vulnerability

On March 25, 2021, OpenSSL published security updates addressing CVE-2021-3450 and CVE-2021-3449. Previous releases of Puppet Agent contain a vulnerable version of OpenSSL. For more information about this vulnerability, refer to the OpenSSL security announcement:...

7.4CVSS7.8AI score0.62906EPSS
Exploits4References3
Tenable Nessus
Tenable Nessus
added 2023/11/01 12:0 a.m.23 views

Puppet Agent 6.x < 6.22.1 / 7.x < 7.6.1 Vulnerability

On February 16, 2021, OpenSSL published security updates addressing CVE-2021-23841, CVE-2021-23839, and CVE-2021-23840. Previous releases of Puppet Agent contain a vulnerable version of OpenSSL. For more information about this vulnerability, refer to the OpenSSL security announcement. Note that...

7.5CVSS6.6AI score0.50732EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2023/11/01 12:0 a.m.34 views

Puppet Agent 6.x < 6.22.1 / 7.x < 7.6.1 Vulnerability

On March 31, 2021, curl published security updates addressing CVE-2021-22876 and CVE-2021-22890. Previous releases of Puppet Agent contain a vulnerable version of curl. For more information about this vulnerability, refer to the curl security announcements. Note that Nessus has not tested for thi...

5.3CVSS6.4AI score0.05301EPSS
Exploits2References5
Tenable Nessus
Tenable Nessus
added 2023/11/01 12:0 a.m.39 views

Puppet Agent 6.x < 6.25.1 / 7.x < 7.12.1 Vulnerability

A flaw was discovered in Puppet Agent and Puppet Server that may result in a leak of HTTP credentials when following HTTP redirects to a different host. This is similar to CVE-2018-1000007. Note that Nessus has not tested for this issue but has instead relied only on the application's self-report...

9.8CVSS6.8AI score0.01328EPSS
Exploits0References2
Rows per page
Query Builder