Known Vulnerabilities for Puppet Agent by Puppet
Listed below are 8 of the newest known vulnerabilities associated with "Puppet Agent" by "Puppet".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2021-27025 | A flaw was discovered in Puppet Agent where the agent may silently ignore Augeas settings or may be vulnerable to a Denial of... | 6.5 - MEDIUM | 2021-11-18 | 2023-11-07 |
| CVE-2021-27023 | A flaw was discovered in Puppet Agent and Puppet Server that may result in a leak of HTTP credentials when following HTTP red... | 9.8 - CRITICAL | 2021-11-18 | 2023-11-07 |
| CVE-2020-7942 | Previously, Puppet operated on a model that a node with a valid certificate was entitled to all information in the system and... | 6.5 - MEDIUM | 2020-02-19 | 2021-12-30 |
| CVE-2016-5714 | Puppet Enterprise 2015.3.3 and 2016.x before 2016.4.0, and Puppet Agent 1.3.6 through 1.7.0 allow remote attackers to bypass ... | 7.2 - HIGH | 2017-10-18 | 2022-01-24 |
| CVE-2016-5713 | Versions of Puppet Agent prior to 1.6.0 included a version of the Puppet Execution Protocol (PXP) agent that passed environme... | 9.8 - CRITICAL | 2017-12-06 | 2017-12-28 |
| CVE-2016-2786 | The pxp-agent component in Puppet Enterprise 2015.3.x before 2015.3.3 and Puppet Agent 1.3.x before 1.3.6 does not properly v... | 9.8 - CRITICAL | 2016-06-10 | 2022-01-24 |
| CVE-2016-2785 | Puppet Server before 2.3.2 and Ruby puppetmaster in Puppet 4.x before 4.4.2 and in Puppet Agent before 1.4.2 might allow remo... | 9.8 - CRITICAL | 2016-06-10 | 2021-09-09 |
| CVE-2015-1855 | verify_certificate_identity in the OpenSSL extension in Ruby before 2.0.0 patchlevel 645, 2.1.x before 2.1.6, and 2.2.x befor... | 5.9 - MEDIUM | 2019-11-29 | 2020-09-30 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Puppet | Puppet Agent | 4.1.1 | All | All | All |
| Application | Puppet | Puppet Agent | 4.1.0 | All | All | All |
| Application | Puppet | Puppet Agent | 4.0.0 | All | All | All |
| Application | Puppet | Puppet Agent | 3.2.0 | All | All | All |
| Application | Puppet | Puppet Agent | 3.1.0 | All | All | All |
| Application | Puppet | Puppet Agent | 3.0.2 | All | All | All |
| Application | Puppet | Puppet Agent | 3.0.1 | All | All | All |
| Application | Puppet | Puppet Agent | 3.0.0 | All | All | All |
| Application | Puppet | Puppet Agent | 2.2.3 | All | All | All |
| Application | Puppet | Puppet Agent | 2.2.2 | All | All | All |
| Application | Puppet | Puppet Agent | 2.2.1 | All | All | All |
| Application | Puppet | Puppet Agent | 2.2.0 | All | All | All |
| Application | Puppet | Puppet Agent | 2.1.2 | All | All | All |
| Application | Puppet | Puppet Agent | 2.1.1 | All | All | All |
| Application | Puppet | Puppet Agent | 2.1.0 | All | All | All |
| Application | Puppet | Puppet Agent | 2.0.1 | All | All | All |
| Application | Puppet | Puppet Agent | 2.0.0 | All | All | All |
| Application | Puppet | Puppet Agent | 1.7.0 | All | All | All |
| Application | Puppet | Puppet Agent | 1.6.2 | All | All | All |
| Application | Puppet | Puppet Agent | 1.6.1 | All | All | All |