Vulnerabilities > Puppet > Puppet Enterprise > 2023.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-07 | CVE-2023-5309 | Session Fixation vulnerability in Puppet Enterprise Versions of Puppet Enterprise prior to 2021.7.6 and 2023.5 contain a flaw which results in broken session management for SAML implementations. | 9.8 |
| 2023-06-07 | CVE-2023-2530 | Unspecified vulnerability in Puppet Enterprise 2021.7.1/2023.0/2023.1.0 A privilege escalation allowing remote code execution was discovered in the orchestration service. | 9.8 |
| 2023-05-04 | CVE-2023-1894 | Unspecified vulnerability in Puppet Enterprise and Puppet Server A Regular Expression Denial of Service (ReDoS) issue was discovered in Puppet Server 7.9.2 certificate validation. | 5.3 |