Vulnerabilities > Puppet > Puppet > 5.5.10
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-07-20 | CVE-2021-27021 | SQL Injection vulnerability in Puppet A flaw was discovered in Puppet DB, this flaw results in an escalation of privileges which allows the user to delete tables via an SQL query. | 6.5 |
| 2020-02-19 | CVE-2020-7942 | Improper Certificate Validation vulnerability in Puppet and Puppet Agent Previously, Puppet operated on a model that a node with a valid certificate was entitled to all information in the system and that a compromised certificate allowed access to everything in the infrastructure. | 4.0 |