Lucene search
+L

182 matches found

redhat
redhat
added 2025/09/03 1:15 p.m.6 views

Moderate: Red Hat Security Advisory: Satellite 6.16.5.3 Async Update

A new release is now available for Red Hat Satellite 6.16 for RHEL 8 and 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

8.7CVSS6.9AI score0.01429EPSS
Exploits0References4
nessus
nessus
added 2025/09/03 12:0 a.m.5 views

RHEL 8 / 9 : Satellite 6.16.5.3 Async Update (Moderate) (RHSA-2025:15124)

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:15124 advisory. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to...

8.7CVSS7.6AI score0.01429EPSS
Exploits0References7
nessus
nessus
added 2025/08/07 12:0 a.m.3 views

RHEL 9 : Satellite 6.17.3 Async Update (Moderate) (RHSA-2025:13269)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:13269 advisory. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to provide...

8.7CVSS7.6AI score0.01429EPSS
Exploits0References21
nessus
nessus
added 2025/03/04 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2021-27023

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was discovered in Puppet Agent and Puppet Server that may result in a leak of HTTP credentials when following HTTP redirects to a different host. This is...

9.8CVSS8.1AI score0.01328EPSS
Exploits0References3
nvd
nvd
added 2025/02/07 8:15 p.m.23 views

CVE-2021-27017

Utilization of a module presented a security risk by allowing the deserialization of untrusted/user supplied data. This is resolved in the Puppet Agent 7.4.0 release...

6.6CVSS0.00541EPSS
Exploits0References1
cvelist
cvelist
added 2025/02/07 7:28 p.m.22 views

CVE-2021-27017 Deserialization of untrusted data

Utilization of a module presented a security risk by allowing the deserialization of untrusted/user supplied data. This is resolved in the Puppet Agent 7.4.0 release...

6.6CVSS0.00541EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2025/02/07 7:28 p.m.17 views

CVE-2021-27017 Deserialization of untrusted data

Utilization of a module presented a security risk by allowing the deserialization of untrusted/user supplied data. This is resolved in the Puppet Agent 7.4.0 release...

6.6CVSS6.9AI score0.00541EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2025/02/07 12:0 a.m.9 views

PT-2025-5996 · Puppet · Puppet Agent

Name of the Vulnerable Software and Affected Versions: Puppet Agent versions prior to 7.4.0 Description: The issue arises from the utilization of a module that presents a security risk by allowing the deserialization of untrusted or user-supplied data. Recommendations: For Puppet Agent versions...

6.6CVSS6.9AI score0.00541EPSS
Exploits0References5
bdu_fstec
bdu_fstec
added 2024/12/06 12:0 a.m.10 views

The vulnerability of the application for launching Puppet Agent, related to resource management errors, allows a hacker to trigger a service failure.

The vulnerability of the application for launching Puppet Agent is related to resource management errors. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...

6.8CVSS6.5AI score0.01149EPSS
Exploits0References3Affected Software4
bdu_fstec
bdu_fstec
added 2024/12/05 12:0 a.m.10 views

The vulnerability of the Puppet infrastructure automation tool and its startup application, Puppet Agent, relates to the insecure transfer of credentials. This allows a malicious individual to access confidential information.

The vulnerability of the Puppet infrastructure automation tool and its startup application, Puppet Agent, is related to the insecure transfer of credentials. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain access to confidential information...

10CVSS7.7AI score0.01328EPSS
Exploits0References3Affected Software3
redos
redos
added 2024/12/03 12:0 a.m.19 views

ROS-20241203-23

The vulnerability in the Puppet Agent launcher app is due to the fact that the app silently ignores the settings of the Augeas before the first synchronization of the plugin. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service A vulnerability in...

9.8CVSS7.3AI score0.01328EPSS
Exploits0
redhat
redhat
added 2024/04/29 11:1 p.m.108 views

Low: Red Hat Security Advisory: Red Hat Satellite Client bug fix and security update

Updated Satellite Client packages that fixes Low security bugs and regular bugs are now available for Red Hat Satellite. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to provide public Internet access to...

3.7CVSS7AI score0.06208EPSS
Exploits0References3
redhat
redhat
added 2024/04/23 5:29 p.m.66 views

Important: Red Hat Security Advisory: Satellite Client Async Security Update

Updated Satellite Client packages that fixes Important security bugs and regular bugs are now available for Red Hat Satellite. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to provide public Internet acces...

9.8CVSS7.2AI score0.78483EPSS
Exploits6References3
redhat
redhat
added 2024/02/13 2:45 p.m.60 views

Important: Red Hat Security Advisory: Satellite 6.14.2 Async Security Update

Updated Satellite 6.14 packages that fixes Important security bugs and several regular bugs are now available for Red Hat Satellite. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to provide public Internet...

9.8CVSS7.2AI score0.78483EPSS
Exploits8References24
nessus
nessus
added 2023/11/01 12:0 a.m.34 views

Puppet Agent 6.x < 6.22.1 / 7.x < 7.6.1 Vulnerability

On March 31, 2021, curl published security updates addressing CVE-2021-22876 and CVE-2021-22890. Previous releases of Puppet Agent contain a vulnerable version of curl. For more information about this vulnerability, refer to the curl security announcements. Note that Nessus has not tested for thi...

5.3CVSS6.4AI score0.05301EPSS
Exploits2References5
nessus
nessus
added 2023/11/01 12:0 a.m.43 views

Puppet Agent 5.x < 5.5.22 / 6.x < 6.19.0 Vulnerability

On August 19, 2020, curl published security updates addressing CVE-2020-8231. Previous releases of Puppet Agent contain a vulnerable version of curl. For more information about this vulnerability, refer to the security announcement for CVE-2020-8231. Note that Nessus has not tested for this issue...

7.5CVSS6.7AI score0.03721EPSS
Exploits1References2
nessus
nessus
added 2023/11/01 12:0 a.m.39 views

Puppet Agent 6.x < 6.25.1 / 7.x < 7.12.1 Vulnerability

A flaw was discovered in Puppet Agent and Puppet Server that may result in a leak of HTTP credentials when following HTTP redirects to a different host. This is similar to CVE-2018-1000007. Note that Nessus has not tested for this issue but has instead relied only on the application's self-report...

9.8CVSS6.8AI score0.01328EPSS
Exploits0References2
nessus
nessus
added 2023/11/01 12:0 a.m.26 views

Puppet Agent 6.x < 6.23.0 / 7.x < 7.8.0 Multiple Vulnerabilities

On May 26, 2021 curl published security updates addressing 3 CVEs: CVE-2021-22897 Low CVE-2021-22898 Medium CVE-2021-22901 High. Previous releases of Puppet Agent contain this vulnerable version of curl. For more information about this vulnerability, refer to the curl ecurity announcements. Note...

8.1CVSS6.9AI score0.60122EPSS
Exploits3References7
nessus
nessus
added 2023/11/01 12:0 a.m.36 views

Puppet Agent < 6.25.1 / 7.x < 7.12.1 Vulnerability

A flaw was discovered in Puppet Agent where the agent may silently ignore Augeas settings or may be vulnerable to a Denial of Service condition prior to the first pluginsync. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version...

6.5CVSS6.3AI score0.01149EPSS
Exploits0References2
nessus
nessus
added 2023/11/01 12:0 a.m.12 views

Puppet Agent 7.x < 7.4.0 Deserialization Vulnerability

Utilization of a module presented a security risk by allowing the deserialization of untrusted/user supplied data. This is resolved in the Puppet Agent 7.4.0 release. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number...

6.6CVSS6.7AI score0.00541EPSS
Exploits0References2
Rows per page
Query Builder