2.8.1

DATE	CVE	VULNERABILITY TITLE	RISK
2013-08-19	CVE-2013-3567	Improper Input Validation vulnerability in multiple products Puppet 2.7.x before 2.7.22 and 3.2.x before 3.2.2, and Puppet Enterprise before 2.8.2, deserializes untrusted YAML, which allows remote attackers to instantiate arbitrary Ruby classes and execute arbitrary code via a crafted REST API call. network low complexity puppet puppetlabs canonical novell CWE-20	7.5