Filtered by vendor Puppet
Subscribe
Total
127 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-6512 | 1 Puppet | 3 Pe-razor-server, Puppet Enterprise, Razor-server | 2018-08-01 | 7.5 HIGH | 9.8 CRITICAL |
| The previous version of Puppet Enterprise 2018.1 is vulnerable to unsafe code execution when upgrading pe-razor-server. Affected releases are Puppet Enterprise: 2018.1.x versions prior to 2018.1.1 and razor-server and pe-razor-server prior to 1.9.0.0. | |||||
| CVE-2017-2295 | 2 Debian, Puppet | 2 Debian Linux, Puppet | 2018-05-24 | 6.0 MEDIUM | 8.2 HIGH |
| Versions of Puppet prior to 4.10.1 will deserialize data off the wire (from the agent to the server, in this case) with a attacker-specified format. This could be used to force YAML deserialization in an unsafe manner, which would lead to remote code execution. This change constrains the format of data on the wire to PSON or safely decoded YAML. | |||||
| CVE-2015-7224 | 1 Puppet | 1 Puppetlabs-mysql | 2018-01-09 | 7.5 HIGH | 9.8 CRITICAL |
| puppetlabs-mysql 3.1.0 through 3.6.0 allow remote attackers to bypass authentication by leveraging creation of a database account without a password when a 'mysql_user' user parameter contains a host with a netmask. | |||||
| CVE-2016-5713 | 1 Puppet | 1 Puppet Agent | 2017-12-28 | 7.5 HIGH | 9.8 CRITICAL |
| Versions of Puppet Agent prior to 1.6.0 included a version of the Puppet Execution Protocol (PXP) agent that passed environment variables through to Puppet runs. This could allow unauthorized code to be loaded. This bug was first introduced in Puppet Agent 1.3.0. | |||||
| CVE-2014-3250 | 3 Apache, Puppet, Redhat | 3 Http Server, Puppet, Linux | 2017-12-27 | 4.0 MEDIUM | 6.5 MEDIUM |
| The default vhost configuration file in Puppet before 3.6.2 does not include the SSLCARevocationCheck directive, which might allow remote attackers to obtain sensitive information via a revoked certificate when a Puppet master runs with Apache 2.4. | |||||
| CVE-2010-0156 | 1 Puppet | 1 Puppet | 2017-12-09 | 3.3 LOW | N/A |
| Puppet 0.24.x before 0.24.9 and 0.25.x before 0.25.2 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/daemonout, (2) /tmp/puppetdoc.txt, (3) /tmp/puppetdoc.tex, or (4) /tmp/puppetdoc.aux temporary file. | |||||
| CVE-2017-2292 | 1 Puppet | 1 Mcollective | 2017-09-06 | 7.5 HIGH | 9.0 CRITICAL |
| Versions of MCollective prior to 2.10.4 deserialized YAML from agents without calling safe_load, allowing the potential for arbitrary code execution on the server. The fix for this is to call YAML.safe_load on input. This has been tested in all Puppet-supplied MCollective plugins, but there is a chance that third-party plugins could rely on this insecure behavior. | |||||