5 matches found
Puppet Enterprise < 2017.3.4 Code Execution Vulnerability
According to its self-reported version number, the Puppet install running on the remote host is version 5.5.x prior to 2017.3.4. It is, therefore, affected by multiple vulnerabilities: - a remote code execution vulnerability due to incorrect validation of strings in the factertask or puppetconf...
CVE-2017-10690
In previous versions of Puppet Agent it was possible for the agent to retrieve facts from an environment that it was not classified to retrieve from. This was resolved in Puppet Agent 5.3.4, included in Puppet Enterprise 2017.3.4...
CVE-2017-10690
In previous versions of Puppet Agent it was possible for the agent to retrieve facts from an environment that it was not classified to retrieve from. This was resolved in Puppet Agent 5.3.4, included in Puppet Enterprise 2017.3.4...
CVE-2017-10690
In previous versions of Puppet Agent it was possible for the agent to retrieve facts from an environment that it was not classified to retrieve from. This was resolved in Puppet Agent 5.3.4, included in Puppet Enterprise 2017.3.4...
CVE-2017-10690
Puppet Agent vulnerability CVE-2017-10690 allowed retrieving facts from an environment the agent was not classified to access. Root cause: environment leakage within the agent’s fact retrieval. Fixes were implemented in Puppet Agent 5.3.4, included in Puppet Enterprise 2017.3.4; other references ...