182 matches found
Moderate: Red Hat Security Advisory: Satellite 6.16.5.3 Async Update
A new release is now available for Red Hat Satellite 6.16 for RHEL 8 and 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...
RHEL 8 / 9 : Satellite 6.16.5.3 Async Update (Moderate) (RHSA-2025:15124)
The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:15124 advisory. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to...
RHEL 9 : Satellite 6.17.3 Async Update (Moderate) (RHSA-2025:13269)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:13269 advisory. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to provide...
Linux Distros Unpatched Vulnerability : CVE-2021-27023
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was discovered in Puppet Agent and Puppet Server that may result in a leak of HTTP credentials when following HTTP redirects to a different host. This is...
CVE-2021-27017
Utilization of a module presented a security risk by allowing the deserialization of untrusted/user supplied data. This is resolved in the Puppet Agent 7.4.0 release...
CVE-2021-27017 Deserialization of untrusted data
Utilization of a module presented a security risk by allowing the deserialization of untrusted/user supplied data. This is resolved in the Puppet Agent 7.4.0 release...
CVE-2021-27017 Deserialization of untrusted data
Utilization of a module presented a security risk by allowing the deserialization of untrusted/user supplied data. This is resolved in the Puppet Agent 7.4.0 release...
PT-2025-5996 · Puppet · Puppet Agent
Name of the Vulnerable Software and Affected Versions: Puppet Agent versions prior to 7.4.0 Description: The issue arises from the utilization of a module that presents a security risk by allowing the deserialization of untrusted or user-supplied data. Recommendations: For Puppet Agent versions...
The vulnerability of the application for launching Puppet Agent, related to resource management errors, allows a hacker to trigger a service failure.
The vulnerability of the application for launching Puppet Agent is related to resource management errors. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...
The vulnerability of the Puppet infrastructure automation tool and its startup application, Puppet Agent, relates to the insecure transfer of credentials. This allows a malicious individual to access confidential information.
The vulnerability of the Puppet infrastructure automation tool and its startup application, Puppet Agent, is related to the insecure transfer of credentials. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain access to confidential information...
ROS-20241203-23
The vulnerability in the Puppet Agent launcher app is due to the fact that the app silently ignores the settings of the Augeas before the first synchronization of the plugin. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service A vulnerability in...
Low: Red Hat Security Advisory: Red Hat Satellite Client bug fix and security update
Updated Satellite Client packages that fixes Low security bugs and regular bugs are now available for Red Hat Satellite. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to provide public Internet access to...
Important: Red Hat Security Advisory: Satellite Client Async Security Update
Updated Satellite Client packages that fixes Important security bugs and regular bugs are now available for Red Hat Satellite. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to provide public Internet acces...
Important: Red Hat Security Advisory: Satellite 6.14.2 Async Security Update
Updated Satellite 6.14 packages that fixes Important security bugs and several regular bugs are now available for Red Hat Satellite. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to provide public Internet...
Puppet Agent 7.x < 7.4.0 Deserialization Vulnerability
Utilization of a module presented a security risk by allowing the deserialization of untrusted/user supplied data. This is resolved in the Puppet Agent 7.4.0 release. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number...
Puppet Agent < 7.1.0 Vulnerability
Puppet Agent prior to 7.1.0 contain a vulnerable version of OpenSSL. For more information about this vulnerability, refer to the OpenSSL security announcement for CVE-2020-1971. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version...
Puppet Agent 6.x < 6.22.1 / 7.x < 7.6.1. Vulnerability
On March 25, 2021, OpenSSL published security updates addressing CVE-2021-3450 and CVE-2021-3449. Previous releases of Puppet Agent contain a vulnerable version of OpenSSL. For more information about this vulnerability, refer to the OpenSSL security announcement:...
Puppet Agent 6.x < 6.22.1 / 7.x < 7.6.1 Vulnerability
On February 16, 2021, OpenSSL published security updates addressing CVE-2021-23841, CVE-2021-23839, and CVE-2021-23840. Previous releases of Puppet Agent contain a vulnerable version of OpenSSL. For more information about this vulnerability, refer to the OpenSSL security announcement. Note that...
Puppet Agent 6.x < 6.22.1 / 7.x < 7.6.1 Vulnerability
On March 31, 2021, curl published security updates addressing CVE-2021-22876 and CVE-2021-22890. Previous releases of Puppet Agent contain a vulnerable version of curl. For more information about this vulnerability, refer to the curl security announcements. Note that Nessus has not tested for thi...
Puppet Agent 6.x < 6.25.1 / 7.x < 7.12.1 Vulnerability
A flaw was discovered in Puppet Agent and Puppet Server that may result in a leak of HTTP credentials when following HTTP redirects to a different host. This is similar to CVE-2018-1000007. Note that Nessus has not tested for this issue but has instead relied only on the application's self-report...