18 matches found
EUVD-2022-42672
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2022-3275
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Command injection is possible in the puppetlabs-apt module prior to version 9.0.0. A malicious actor is able to exploit this vulnerability only if they are able...
Malicious code in puppetlabs-apt (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d3d7b24d31b73020af01d32ac4c79293dde10b8c8994012a9e685ae70f788d3a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-1171 Malicious code in puppetlabs-apt (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d3d7b24d31b73020af01d32ac4c79293dde10b8c8994012a9e685ae70f788d3a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Command Injection
Puppetlabs-apt is vulnerable to Command Injection. This vulnerability can be exploited by an attacke by providing unsanitized input to the module which can lead to command injection...
SUSE CVE-2022-3275
Command injection is possible in the puppetlabs-apt module prior to version 9.0.0. A malicious actor is able to exploit this vulnerability only if they are able to provide unsanitized input to the module. This condition is rare in most deployments of Puppet and Puppet Enterprise...
Fedora 36 : wireshark (2022-1f2fbb087e)
The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-1f2fbb087e advisory. New version 3.6.10 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested...
Puppet puppetlabs-apt module command injection vulnerability
Puppet is a client/server C/S architecture-based configuration management tool from Puppet Labs that can be used to manage configuration files, users, cron tasks, packages, system services, etc. A command injection vulnerability exists in versions of Puppet Puppetlabs-apt module prior to 9.0.0. T...
CVE-2022-3275
Command injection is possible in the puppetlabs-apt module prior to version 9.0.0. A malicious actor is able to exploit this vulnerability only if they are able to provide unsanitized input to the module. This condition is rare in most deployments of Puppet and Puppet Enterprise...
CVE-2022-3275
Command injection is possible in the puppetlabs-apt module prior to version 9.0.0. A malicious actor is able to exploit this vulnerability only if they are able to provide unsanitized input to the module. This condition is rare in most deployments of Puppet and Puppet Enterprise...
CVE-2022-3275
Command injection is possible in the puppetlabs-apt module prior to version 9.0.0. A malicious actor is able to exploit this vulnerability only if they are able to provide unsanitized input to the module. This condition is rare in most deployments of Puppet and Puppet Enterprise...
DEBIAN-CVE-2022-3275
Command injection is possible in the puppetlabs-apt module prior to version 9.0.0. A malicious actor is able to exploit this vulnerability only if they are able to provide unsanitized input to the module. This condition is rare in most deployments of Puppet and Puppet Enterprise...
CVE-2022-3275
Command injection is possible in the puppetlabs-apt module prior to version 9.0.0. A malicious actor is able to exploit this vulnerability only if they are able to provide unsanitized input to the module. This condition is rare in most deployments of Puppet and Puppet Enterprise...
UBUNTU-CVE-2022-3275
Command injection is possible in the puppetlabs-apt module prior to version 9.0.0. A malicious actor is able to exploit this vulnerability only if they are able to provide unsanitized input to the module. This condition is rare in most deployments of Puppet and Puppet Enterprise...
CVE-2022-3275
CVE-2022-3275 affects the puppetlabs-apt module prior to version 9.0.0. Affected component: Puppet/Puppet Enterprise’s puppetlabs-apt module. Root cause: command injection via unsanitized input provided to the module. Impact (as described): potential high-severity impact if an attacker can supply...
CVE-2022-3275
Command injection is possible in the puppetlabs-apt module prior to version 9.0.0. A malicious actor is able to exploit this vulnerability only if they are able to provide unsanitized input to the module. This condition is rare in most deployments of Puppet and Puppet Enterprise...
CVE-2022-3275 Puppetlabs-apt Command Injection
Command injection is possible in the puppetlabs-apt module prior to version 9.0.0. A malicious actor is able to exploit this vulnerability only if they are able to provide unsanitized input to the module. This condition is rare in most deployments of Puppet and Puppet Enterprise...
Puppet 安全漏洞
Puppet is a client/server C/S architecture-based configuration management tool from Puppet Labs that can be used to manage configuration files, users, cron tasks, packages, system services, etc. A command injection vulnerability exists in versions of Puppet Puppetlabs-apt module prior to 9.0.0. T...