Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
puppet bolt vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-5214
In Puppet Bolt versions before 3.27.4, a path to escalate privileges was identified.
Puppet Bolt
3.5
CVSSv3
CVE-2022-2394
Puppet Bolt prior to version 3.24.0 will print sensitive parameters when planning a run resulting in them potentially being logged when run programmatically, such as via Puppet Enterprise.
Perforce Puppet Bolt
4.9
CVSSv3
CVE-2021-27022
A flaw exists in bolt-server and ace where running a task with sensitive parameters results in those sensitive parameters being logged when they should not be. This issue only affects SSH/WinRM nodes (inventory service nodes).
Puppet Puppet
Puppet Puppet Enterprise
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started