Moderate severityNVD Advisory· Published Nov 18, 2021· Updated Aug 3, 2024
CVE-2021-27025
CVE-2021-27025
Description
A flaw was discovered in Puppet Agent where the agent may silently ignore Augeas settings or may be vulnerable to a Denial of Service condition prior to the first 'pluginsync'.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
puppetRubyGems | >= 7.0.0, < 7.12.1 | 7.12.1 |
puppetRubyGems | < 6.25.1 | 6.25.1 |
Affected products
2- Puppet/Agentdescription
Patches
Vulnerability mechanics
References
6- github.com/advisories/GHSA-q4g7-jrxv-67r9ghsaADVISORY
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/62SELE7EKVKZL4GABFMVYMIIUZ7FPEF7/mitrevendor-advisoryx_refsource_FEDORA
- nvd.nist.gov/vuln/detail/CVE-2021-27025ghsaADVISORY
- github.com/rubysec/ruby-advisory-db/blob/master/gems/puppet/CVE-2021-27025.ymlghsaWEB
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/62SELE7EKVKZL4GABFMVYMIIUZ7FPEF7ghsaWEB
- puppet.com/security/cve/cve-2021-27025ghsax_refsource_MISCWEB
News mentions
0No linked articles in our index yet.