9 matches found
EUVD-2021-0827
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2020-7942
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Previously, Puppet operated on a model that a node with a valid certificate was entitled to all information in the system and that a compromised certificate...
SUSE CVE-2020-7942
Previously, Puppet operated on a model that a node with a valid certificate was entitled to all information in the system and that a compromised certificate allowed access to everything in the infrastructure. When a node's catalog falls back to the default node, the catalog can be retrieved for a...
Improper Certificate Validation in Puppet
Previously, Puppet operated on the model that a node with a valid certificate was entitled to all information in the system and that a compromised certificate allowed access to everything in the infrastructure. When a node's catalog falls back to the default node, the catalog can be retrieved for...
Improper Input Validation
Overview puppet is an automated configuration management tool. Affected versions of this package are vulnerable to Improper Input Validation. Puppet operated on a model that a node with a valid certificate was entitled to all information in the system and that a compromised certificate allowed...
Improper Certificate Validation in Puppet
Previously, Puppet operated on a model that a node with a valid certificate was entitled to all information in the system and that a compromised certificate allowed access to everything in the infrastructure. When a node's catalog falls back to the default node, the catalog can be retrieved for a...
puppet: Arbitrary catalog retrieval
A flaw was found in Puppet, where changes in the application lead to node declarations having increased access. An attacker can use this flaw to modify run facts and to retrieve different nodes of information when the stricthostnamechecking is false, and the node's catalog falls back to the defau...
DEBIAN-CVE-2020-7942
Previously, Puppet operated on a model that a node with a valid certificate was entitled to all information in the system and that a compromised certificate allowed access to everything in the infrastructure. When a node's catalog falls back to the default node, the catalog can be retrieved for a...
CVE-2020-7942
Previously, Puppet operated on a model that a node with a valid certificate was entitled to all information in the system and that a compromised certificate allowed access to everything in the infrastructure. When a node's catalog falls back to the default node, the catalog can be retrieved for a...