Puppetlabs Puppet Enterprise 3.2.0

CPE Details

Puppetlabs Puppet Enterprise 3.2.0
puppetlabs
puppet
3.2.0
2014-03-10
13h37 +00:00
2019-07-10
15h47 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:puppetlabs:puppet:3.2.0:-:enterprise:*:*:*:*:*

Informations

Vendor

puppetlabs

Product

puppet

Version

3.2.0

Update

-

edition

enterprise

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2013-4969 2014-01-07 17h00 +00:00 Puppet before 3.3.3 and 3.4 before 3.4.1 and Puppet Enterprise (PE) before 2.8.4 and 3.1 before 3.1.1 allows local users to overwrite arbitrary files via a symlink attack on unspecified files.
2.1
CVE-2013-4761 2013-08-20 20h00 +00:00 Unspecified vulnerability in Puppet 2.7.x before 2.7.23 and 3.2.x before 3.2.4, and Puppet Enterprise 2.8.x before 2.8.3 and 3.0.x before 3.0.1, allows remote attackers to execute arbitrary Ruby programs from the master via the resource_type service. NOTE: this vulnerability can only be exploited utilizing unspecified "local file system access" to the Puppet Master.
5.1
CVE-2013-4956 2013-08-20 20h00 +00:00 Puppet Module Tool (PMT), as used in Puppet 2.7.x before 2.7.23 and 3.2.x before 3.2.4, and Puppet Enterprise 2.8.x before 2.8.3 and 3.0.x before 3.0.1, installs modules with weak permissions if those permissions were used when the modules were originally built, which might allow local users to read or modify those modules depending on the original permissions.
3.6
CVE-2013-3567 2013-08-19 21h00 +00:00 Puppet 2.7.x before 2.7.22 and 3.2.x before 3.2.2, and Puppet Enterprise before 2.8.2, deserializes untrusted YAML, which allows remote attackers to instantiate arbitrary Ruby classes and execute arbitrary code via a crafted REST API call.
7.5