Known Vulnerabilities for Discovery by Puppet

Listed below are 2 of the newest known vulnerabilities associated with "Discovery" by "Puppet".

These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.

Data on known vulnerable versions is also displayed based on information from known CPEs

Known Vulnerabilities

CVE	Shortened Description	Severity	Publish Date	Last Modified
CVE-2026-4374	Improper Restriction of XML External Entity Reference vulnerability in RTI Connext Professional (Routing Service,Observabilit...	Not Provided	2026-04-01	2026-04-01
CVE-2018-11747	Previously, Puppet Discovery was shipped with a default generated TLS certificate in the nginx container. In version 1.4.0, a...	9.8 - CRITICAL	2019-03-21	2023-11-07
CVE-2018-11746	In Puppet Discovery prior to 1.2.0, when running Discovery against Windows hosts, WinRM connections can fall back to using ba...	9.8 - CRITICAL	2018-07-03	2023-11-07

Known Affected Configurations (CPE V2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Application	Puppet	Discovery	1.9.0	All	All	All
Application	Puppet	Discovery	1.8.0	All	All	All
Application	Puppet	Discovery	1.7.0	All	All	All
Application	Puppet	Discovery	1.6.0	All	All	All
Application	Puppet	Discovery	1.5.0	All	All	All
Application	Puppet	Discovery	1.4.1	All	All	All
Application	Puppet	Discovery	1.4.0	All	All	All
Application	Puppet	Discovery	1.3.0	All	All	All
Application	Puppet	Discovery	1.2.0	All	All	All
Application	Puppet	Discovery	1.1.0	All	All	All
Application	Puppet	Discovery	1.0.1	All	All	All
Application	Puppet	Discovery	1.0.0	All	All	All