VYPR

rpm package

suse/rubygem-puppet&distro=SUSE Linux Enterprise Module for Advanced Systems Management 12

pkg:rpm/suse/rubygem-puppet&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Advanced%20Systems%20Management%2012

Vulnerabilities (2)

  • CVE-2021-27023Nov 18, 2021
    affected < 4.8.1-32.6.1fixed 4.8.1-32.6.1

    A flaw was discovered in Puppet Agent and Puppet Server that may result in a leak of HTTP credentials when following HTTP redirects to a different host. This is similar to CVE-2018-1000007

  • CVE-2017-10689MedFeb 9, 2018
    affected < 4.8.1-32.3.1fixed 4.8.1-32.3.1

    In previous versions of Puppet Agent it was possible to install a module with world writable permissions. Puppet Agent 5.3.4 and 1.10.10 included a fix to this vulnerability.