VYPR
Unrated severityNVD Advisory· Published Dec 17, 2014· Updated Jun 17, 2026

CVE-2014-7170

CVE-2014-7170

Description

Race condition in Puppet Server 0.2.0 allows local users to obtain sensitive information by accessing it in between package installation or upgrade and the start of the service.

Affected products

2
  • cpe:2.3:a:puppet:puppet_server:0.2.0:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:puppet:puppet_server:0.2.0:*:*:*:*:*:*:*
    • (no CPE)range: =0.2.0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.