Puppet Agent 1.6.1

CPE Details

Puppet Agent 1.6.1
1.6.1
2020-09-30
10h26 +00:00
2020-09-30
10h26 +00:00
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:puppet:puppet_agent:1.6.1:*:*:*:*:*:*:*

Informations

Vendor

puppet

Product

puppet_agent

Version

1.6.1

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2021-27023 2021-11-18 13h33 +00:00 A flaw was discovered in Puppet Agent and Puppet Server that may result in a leak of HTTP credentials when following HTTP redirects to a different host. This is similar to CVE-2018-1000007
9.8
Critical
CVE-2021-27025 2021-11-18 13h30 +00:00 A flaw was discovered in Puppet Agent where the agent may silently ignore Augeas settings or may be vulnerable to a Denial of Service condition prior to the first 'pluginsync'.
6.5
Medium
CVE-2016-5714 2017-10-18 16h00 +00:00 Puppet Enterprise 2015.3.3 and 2016.x before 2016.4.0, and Puppet Agent 1.3.6 through 1.7.0 allow remote attackers to bypass a host whitelist protection mechanism and execute arbitrary code on Puppet nodes via vectors related to command validation, aka "Puppet Execution Protocol (PXP) Command Whitelist Validation Vulnerability."
7.2
High