VYPR
Medium severity5.5NVD Advisory· Published Feb 9, 2018· Updated Jun 17, 2026

CVE-2017-10689

CVE-2017-10689

Description

In previous versions of Puppet Agent it was possible to install a module with world writable permissions. Puppet Agent 5.3.4 and 1.10.10 included a fix to this vulnerability.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
puppetRubyGems
< 4.10.104.10.10
puppetRubyGems
>= 5.0.0, < 5.3.45.3.4

Affected products

7

Patches

Vulnerability mechanics

References

10

News mentions

0

No linked articles in our index yet.