Puppetlabs-apt is vulnerable to Command Injection. This vulnerability can be exploited by an attacke by providing unsanitized input to the module which can lead to command injection.
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CH4NUKZKPY4MFQHFBTONJK2AWES4DFDA/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YR5LIOF5VKS4DC2NQWXTMPPXOYJC46XC/
lists.fedoraproject.org/archives/list/[email protected]/message/CH4NUKZKPY4MFQHFBTONJK2AWES4DFDA/
lists.fedoraproject.org/archives/list/[email protected]/message/YR5LIOF5VKS4DC2NQWXTMPPXOYJC46XC/
puppet.com/security/cve/CVE-2022-3275
security-tracker.debian.org/tracker/CVE-2022-3275