Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
puppet puppetdb vulnerabilities and exploits
(subscribe to this query)
356
VMScore
CVE-2021-27019
PuppetDB logging included potentially sensitive system information.
Puppet Puppet Enterprise
Puppet Puppetdb
578
VMScore
CVE-2021-27021
A flaw exists in Puppet DB, this flaw results in an escalation of privileges which allows the user to delete tables via an SQL query.
Puppet Puppet
Puppet Puppet Enterprise
Puppet Puppetdb
446
VMScore
CVE-2020-7943
Puppet Server and PuppetDB provide useful performance and debugging information via their metrics API endpoints. For PuppetDB this may contain things like hostnames. Puppet Server reports resource names and titles for defined types (which may contain sensitive information) as wel...
Puppet Puppet Enterprise
Puppet Puppet Server
Puppet Puppetdb
2 Github repositories
445
VMScore
CVE-2017-2294
Versions of Puppet Enterprise before 2016.4.5 or 2017.2.1 failed to mark MCollective server private keys as sensitive (a feature added in Puppet 4.6), so key values could be logged and stored in PuppetDB. These releases use the sensitive data type to ensure this won't happen...
Puppet Puppet Enterprise 2016.5.2
Puppet Puppet Enterprise 2017.1.0
Puppet Puppet Enterprise 2017.1.1
Puppet Puppet Enterprise 2016.5.1
Puppet Puppet Enterprise
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started