Vulnerabilities > Puppet > Puppet > 2.6.10
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2011-10-27 | CVE-2011-3870 | Link Following vulnerability in multiple products Puppet 2.7.x before 2.7.5, 2.6.x before 2.6.11, and 0.25.x allows local users to modify the permissions of arbitrary files via a symlink attack on the SSH authorized_keys file. | 6.3 |
| 2011-10-27 | CVE-2011-3869 | Link Following vulnerability in multiple products Puppet 2.7.x before 2.7.5, 2.6.x before 2.6.11, and 0.25.x allows local users to overwrite arbitrary files via a symlink attack on the .k5login file. | 6.3 |