Latest Vulnerabilities Affecting Puppetlabs products

Date CVE Title CVSS
2018-05-08 CVE-2018-6510 Cross-Site Scripting (XSS) vulnerability in Puppetlabs Puppet 2017.3 Low
2018-05-08 CVE-2018-6511 Cross-Site Scripting (XSS) vulnerability in Puppetlabs Puppet 2017.3 Low
2017-10-18 CVE-2016-5714 Improper Access Control vulnerability in Puppet and Puppetlabs products Medium
2017-06-30 CVE-2017-2298 Input Validation vulnerability in Puppetlabs Mcollective Sshkey Security 0.5.0 Medium
2017-03-03 CVE-2017-2290 Permissions, Privileges, and Access Control vulnerability in Puppetlabs Mcollective Puppet Agent 1.12.0 High
2017-02-13 CVE-2016-2787 Improper Access Control vulnerability in Puppet and Puppetlabs products Medium
2017-01-30 CVE-2015-7331 Security Features vulnerability in Puppetlabs Mcollective Puppet Agent 1.11.0 Medium
2016-06-10 CVE-2016-2785 Improper Access Control vulnerability in Puppetlabs Puppet, puppet agent and puppet server High
2016-06-10 CVE-2016-2786 Input Validation vulnerability in Puppet and Puppetlabs products High
2015-02-23 CVE-2015-1426 Information Leak / Disclosure vulnerability in Puppet and Puppetlabs products Low
2014-11-16 CVE-2014-3248 Code vulnerability in Puppet and Puppetlabs products Medium
2014-08-12 CVE-2014-3251 Race Conditions vulnerability in Puppet and Puppetlabs products Medium
2014-03-14 CVE-2012-5158 Authentication Issues vulnerability in Puppet and Puppetlabs products Medium
2014-03-14 CVE-2013-1399 Cross-Site Request Forgery (CSRF) vulnerability in Puppet and Puppetlabs products Medium
2014-03-14 CVE-2013-1398 Cryptographic Issues vulnerability in Puppet and Puppetlabs products High