Puppet Agent 1.7.0

CPE Details

Puppet Agent 1.7.0
puppet
puppet_agent
1.7.0
2020-09-30
10h26 +00:00
2020-09-30
10h26 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:puppet:puppet_agent:1.7.0:*:*:*:*:*:*:*

Informations

Vendor

puppet

Product

puppet_agent

Version

1.7.0

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2021-27023 2021-11-18 13h33 +00:00 A flaw was discovered in Puppet Agent and Puppet Server that may result in a leak of HTTP credentials when following HTTP redirects to a different host. This is similar to CVE-2018-1000007
9.8
Critique
CVE-2021-27025 2021-11-18 13h30 +00:00 A flaw was discovered in Puppet Agent where the agent may silently ignore Augeas settings or may be vulnerable to a Denial of Service condition prior to the first 'pluginsync'.
6.5
Moyen
CVE-2016-5714 2017-10-18 16h00 +00:00 Puppet Enterprise 2015.3.3 and 2016.x before 2016.4.0, and Puppet Agent 1.3.6 through 1.7.0 allow remote attackers to bypass a host whitelist protection mechanism and execute arbitrary code on Puppet nodes via vectors related to command validation, aka "Puppet Execution Protocol (PXP) Command Whitelist Validation Vulnerability."
7.2
Haute