CVE-2024-27294
CVE-2024-27294 concerns the Go/Puppet toolchain issue for the dp-golang module. Affected: dp-golang prior to 1.2.7, used with Puppet running as root on macOS (Go versions 1.4.3–1.21rc3; specific bootstrap tarballs). Root cause: files within the Go installation could be created with incorrect owne...