96 matches found
DEBIAN-CVE-2022-3275
Command injection is possible in the puppetlabs-apt module prior to version 9.0.0. A malicious actor is able to exploit this vulnerability only if they are able to provide unsanitized input to the module. This condition is rare in most deployments of Puppet and Puppet Enterprise...
CVE-2022-3275
Command injection is possible in the puppetlabs-apt module prior to version 9.0.0. A malicious actor is able to exploit this vulnerability only if they are able to provide unsanitized input to the module. This condition is rare in most deployments of Puppet and Puppet Enterprise...
Command injection
Command injection is possible in the puppetlabs-mysql module prior to version 13.0.0. A malicious actor is able to exploit this vulnerability only if they are able to provide unsanitized input to the module. This condition is rare in most deployments of Puppet and Puppet Enterprise...
CVE-2022-3275
Command injection is possible in the puppetlabs-apt module prior to version 9.0.0. A malicious actor is able to exploit this vulnerability only if they are able to provide unsanitized input to the module. This condition is rare in most deployments of Puppet and Puppet Enterprise...
CVE-2022-3276
Command injection is possible in the puppetlabs-mysql module prior to version 13.0.0. A malicious actor is able to exploit this vulnerability only if they are able to provide unsanitized input to the module. This condition is rare in most deployments of Puppet and Puppet Enterprise...
UBUNTU-CVE-2022-3275
Command injection is possible in the puppetlabs-apt module prior to version 9.0.0. A malicious actor is able to exploit this vulnerability only if they are able to provide unsanitized input to the module. This condition is rare in most deployments of Puppet and Puppet Enterprise...
UBUNTU-CVE-2022-3276
Command injection is possible in the puppetlabs-mysql module prior to version 13.0.0. A malicious actor is able to exploit this vulnerability only if they are able to provide unsanitized input to the module. This condition is rare in most deployments of Puppet and Puppet Enterprise...
CVE-2022-3275 Puppetlabs-apt Command Injection
Command injection is possible in the puppetlabs-apt module prior to version 9.0.0. A malicious actor is able to exploit this vulnerability only if they are able to provide unsanitized input to the module. This condition is rare in most deployments of Puppet and Puppet Enterprise...
CVE-2022-3275
CVE-2022-3275 affects the puppetlabs-apt module prior to version 9.0.0. Affected component: Puppet/Puppet Enterprise’s puppetlabs-apt module. Root cause: command injection via unsanitized input provided to the module. Impact (as described): potential high-severity impact if an attacker can supply...
CVE-2022-3276
CVE-2022-3276 concerns the puppetlabs-mysql module. The vulnerability allows command injection in versions prior to 13.0.0 when unsanitized input is provided to the module. The NVD/CVSS data indicate a high-severity issue (base score up to 8.8) with network access as a potential attack vector and...
CVE-2022-3276 Puppetlabs-mysql Command Injection
Command injection is possible in the puppetlabs-mysql module prior to version 13.0.0. A malicious actor is able to exploit this vulnerability only if they are able to provide unsanitized input to the module. This condition is rare in most deployments of Puppet and Puppet Enterprise...
CVE-2022-3275
Command injection is possible in the puppetlabs-apt module prior to version 9.0.0. A malicious actor is able to exploit this vulnerability only if they are able to provide unsanitized input to the module. This condition is rare in most deployments of Puppet and Puppet Enterprise...
CVE-2022-3276
A flaw was in the puppetlabs-mysql module, where a Command injection can occur. This flaw allows a malicious actor to provide unsanitized input to the module...
Puppet 安全漏洞
Puppet is a set of client/server C/S architecture-based configuration management tools from Puppet Labs in the United States, which can be used to manage configuration files, users, cron tasks, packages, system services, etc. A command injection vulnerability exists in puppet puppetlabs-mysql...
Puppet 安全漏洞
Puppet is a client/server C/S architecture-based configuration management tool from Puppet Labs that can be used to manage configuration files, users, cron tasks, packages, system services, etc. A command injection vulnerability exists in versions of Puppet Puppetlabs-apt module prior to 9.0.0. T...
Malicious code in puppetlabs-stdlib (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3bb4e20bec3e724ec039fd51674fc57f444147bfd9dad149587c7ad63c1f3c12 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-5520 Malicious code in puppetlabs-stdlib (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3bb4e20bec3e724ec039fd51674fc57f444147bfd9dad149587c7ad63c1f3c12 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
puppetlabs-rabbitmq allows local users to obtain sensitive information
puppetlabs-rabbitmq 3.0 through 4.1 stores the RabbitMQ Erlang cookie value in the facts of a node, which allows local users to obtain sensitive information as demonstrated by using Facter...
GHSA-H3GH-978R-747W puppetlabs-rabbitmq allows local users to obtain sensitive information
puppetlabs-rabbitmq 3.0 through 4.1 stores the RabbitMQ Erlang cookie value in the facts of a node, which allows local users to obtain sensitive information as demonstrated by using Facter...
FreeBSD : puppet6 -- Arbitrary Catalog Retrieval (77687355-52aa-11ea-b115-643150d3111d)
Puppetlabs reports : Previously, Puppet operated on a model that a node with a valid certificate was entitled to all information in the system and that a compromised certificate allowed access to everything in the infrastructure. When a node's catalog falls back to the default node, the catalog c...