Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
PuppetPuppetdb

3 matches found

CVE
CVEadded 2020/03/11 9:56 p.m.144 views

CVE-2020-7943

CVE-2020-7943 affects Puppet Server and PuppetDB, where the metrics API endpoints may disclose sensitive information. The issue stems from exposed metrics data (for PuppetDB: hostnames; for Puppet Server: resource names, titles, function names, and class names) when these endpoints were accessibl...

7.5CVSS7.2AI score0.65366EPSS
CVE
CVEadded 2021/07/20 10:44 a.m.62 views

CVE-2021-27021

CVE-2021-27021 affects Puppet DB. A flaw enables privilege escalation that allows a user to delete tables via an SQL query. This is corroborated across NVD, OSV, Nessus/NASL plugins, and OSV Debian/Ubuntu entries. The connected documents do not specify affected versions, root cause details, explo...

8.8CVSS8.8AI score0.00626EPSS
CVE
CVEadded 2021/08/30 5:56 p.m.56 views

CVE-2021-27019

Technical details about CVE-2021-27019 are not publicly available in the provided connected documents; descriptions reiterate information disclosure through PuppetDB logging. Monitor for updates.

4.3CVSS4.5AI score0.00204EPSS