Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
puppet bolt vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-5214
In Puppet Bolt versions before 3.27.4, a path to escalate privileges was identified.
Puppet Bolt
3.5
CVSSv3
CVE-2022-2394
Puppet Bolt prior to version 3.24.0 will print sensitive parameters when planning a run resulting in them potentially being logged when run programmatically, such as via Puppet Enterprise.
Perforce Puppet Bolt
4.9
CVSSv3
CVE-2021-27022
A flaw exists in bolt-server and ace where running a task with sensitive parameters results in those sensitive parameters being logged when they should not be. This issue only affects SSH/WinRM nodes (inventory service nodes).
Puppet Puppet
Puppet Puppet Enterprise
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started