559 matches found
CVE-2026-8804
The CVE concerns Puppet’s resource_api (bundled with Puppet Core 8.x and Puppet Enterprise 2023.8.x and 2025.x). A vulnerability exists where the sensitive flag on parameters defined via the resource-api is not preserved, causing values such as passwords to be stored in cleartext in the agent’s l...
CVE-2021-27026
A flaw was divered in Puppet Enterprise and other Puppet products where sensitive plan parameters may be logged...
CVE-2020-7944
In Continuous Delivery for Puppet Enterprise CD4PE before 3.4.0, changes to resources or classes containing Sensitive parameters can result in the Sensitive parameters ending up in the impact analysis report...
Code Injection
org.jenkins-ci.plugins.workflow, puppet-enterprise-pipeline is vulnerable to code injection The vulnerability is due to unsafe values specified in the custom Script Security whitelist, which allows an attacker with the ability to execute Script Security-protected scripts to execute arbitrary code...
EUVD-2021-13793
Malware in sbrugna...
EUVD-2018-18268
Malware in sbrugna...
EUVD-2013-4809
Malware in sbrugna...
EUVD-2013-4811
Malware in sbrugna...
EUVD-2013-2655
Malware in sbrugna...
EUVD-2015-4125
Malware in sbrugna...
EUVD-2013-4803
Malware in sbrugna...
EUVD-2018-18267
Malware in sbrugna...
EUVD-2013-4802
Malware in sbrugna...
EUVD-2019-2488
Malware in sbrugna...
EUVD-2013-4812
Malware in sbrugna...
EUVD-2015-6442
Malware in sbrugna...
EUVD-2016-3861
Malware in sbrugna...
EUVD-2018-3768
Malware in sbrugna...
EUVD-2014-3262
Malware in sbrugna...
EUVD-2013-4799
Malware in sbrugna...