Latest Vulnerabilities Affecting Puppetlabs products

Date CVE Title CVSS
2018-05-08 CVE-2018-6510 Cross-Site Scripting (XSS) vulnerability in Puppetlabs Puppet 2017.3 Low
2018-05-08 CVE-2018-6511 Cross-Site Scripting (XSS) vulnerability in Puppetlabs Puppet 2017.3 Low
2017-10-18 CVE-2016-5714 Improper Access Control vulnerability in Puppetlabs Puppet Agent and Puppet Enterprise Medium
2017-08-09 CVE-2016-5716 Format String Vulnerability vulnerability in Puppetlabs Puppet Enterprise Medium
2017-06-30 CVE-2017-2298 Input Validation vulnerability in Puppetlabs Mcollective Sshkey Security 0.5.0 Medium
2017-03-03 CVE-2017-2290 Permissions, Privileges, and Access Control vulnerability in Puppetlabs Mcollective Puppet Agent 1.12.0 High
2017-02-13 CVE-2016-2787 Improper Access Control vulnerability in Puppetlabs Puppet Enterprise 2015.3/2015.3.2 Medium
2017-02-13 CVE-2016-2788 Improper Access Control vulnerability in Puppet and Puppetlabs products High
2017-02-08 CVE-2016-9686 Input Validation vulnerability in Puppetlabs Puppet Enterprise 2016.4.0/2016.4.2/2016.5.1 Medium
2017-01-30 CVE-2015-7331 Security Features vulnerability in Puppetlabs Mcollective Puppet Agent 1.11.0 Medium
2016-06-10 CVE-2016-2785 Improper Access Control vulnerability in Puppetlabs Puppet, puppet agent and puppet server High
2016-06-10 CVE-2016-2786 Input Validation vulnerability in Puppetlabs Puppet Agent and Puppet Enterprise High
2016-01-08 CVE-2015-7328 Information Leak / Disclosure vulnerability in Puppetlabs Puppet Enterprise Low
2015-02-23 CVE-2015-1426 Information Leak / Disclosure vulnerability in Puppetlabs Facter Low
2015-02-03 CVE-2014-9568 Information Leak / Disclosure vulnerability in Puppetlabs Rabbitmq 3.0.0/3.1.0/4.0.0 Low