Published: 07/10/2022 Updated: 29/06/2023

CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8

VMScore: 0

Command injection is possible in the puppetlabs-mysql module prior to version 13.0.0. A malicious actor is able to exploit this vulnerability only if they are able to provide unsanitized input to the module. This condition is rare in most deployments of Puppet and Puppet Enterprise.

Vulnerable Product	Search on Vulmon	Subscribe to Product
puppet puppetlabs-mysql

Synopsis Important: Red Hat OpenStack Platform (puppet-mysql) security update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for puppet-mysql is now available for Red Hat OpenStack Platform130 (Queens), 161 ( ...

Debian Bug report logs - #1027154 puppet-module-puppetlabs-mysql: CVE-2022-3276 Package: src:puppet-module-puppetlabs-mysql; Maintainer for src:puppet-module-puppetlabs-mysql is Puppet Package Maintainers <pkg-puppet-devel@listsaliothdebianorg>; Reported by: Moritz Mühlenhoff <jmm@inutilorg> Date: Wed, 28 Dec 202 ...

Description This CVE is under investigation by Red Hat Product Security ...

NVD-CWE-Other https://puppet.com/security/cve/CVE-2022-3276 https://access.redhat.com/errata/RHSA-2022:7238 https://nvd.nist.gov https://access.redhat.com/security/cve/cve-2022-3276

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2022-3276

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect