Vulnerabilities > Puppet > Puppet > 2021.0.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-11-18 | CVE-2021-27025 | A flaw was discovered in Puppet Agent where the agent may silently ignore Augeas settings or may be vulnerable to a Denial of Service condition prior to the first 'pluginsync'. | 6.5 |
2021-11-18 | CVE-2021-27026 | Information Exposure Through Log Files vulnerability in Puppet Enterprise A flaw was divered in Puppet Enterprise and other Puppet products where sensitive plan parameters may be logged | 2.1 |
2021-09-07 | CVE-2021-27022 | Information Exposure Through Log Files vulnerability in Puppet and Puppet Enterprise A flaw was discovered in bolt-server and ace where running a task with sensitive parameters results in those sensitive parameters being logged when they should not be. | 4.9 |