Puppet: >> Puppet >> 2021.2.0 Security Vulnerabilities
A flaw was discovered in Puppet Agent where the agent may silently ignore Augeas settings or may be vulnerable to a Denial of Service condition prior to the first 'pluginsync'.
CVSS Score
6.5
EPSS Score
0.002
Published
2021-11-18
A flaw was divered in Puppet Enterprise and other Puppet products where sensitive plan parameters may be logged
CVSS Score
4.4
EPSS Score
0.001
Published
2021-11-18
A flaw was discovered in bolt-server and ace where running a task with sensitive parameters results in those sensitive parameters being logged when they should not be. This issue only affects SSH/WinRM nodes (inventory service nodes).
CVSS Score
4.9
EPSS Score
0.003
Published
2021-09-07