Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
puppet puppetdb vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2021-27021
A flaw exists in Puppet DB, this flaw results in an escalation of privileges which allows the user to delete tables via an SQL query.
Puppet Puppet
Puppet Puppetdb
Puppet Puppet Enterprise
5
CVSSv2
CVE-2020-7943
Puppet Server and PuppetDB provide useful performance and debugging information via their metrics API endpoints. For PuppetDB this may contain things like hostnames. Puppet Server reports resource names and titles for defined types (which may contain sensitive information) as wel...
Puppet Puppet Server
Puppet Puppetdb
Puppet Puppet Enterprise
2 Github repositories
5
CVSSv2
CVE-2017-2294
Versions of Puppet Enterprise before 2016.4.5 or 2017.2.1 failed to mark MCollective server private keys as sensitive (a feature added in Puppet 4.6), so key values could be logged and stored in PuppetDB. These releases use the sensitive data type to ensure this won't happen...
Puppet Puppet Enterprise 2016.5.1
Puppet Puppet Enterprise
Puppet Puppet Enterprise 2016.5.2
Puppet Puppet Enterprise 2017.1.1
Puppet Puppet Enterprise 2017.1.0
4
CVSSv2
CVE-2021-27019
PuppetDB logging included potentially sensitive system information.
Puppet Puppetdb
Puppet Puppet Enterprise
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started