CVE-2021-27025
published 2021-11-18CVE-2021-27025: A flaw was discovered in Puppet Agent where the agent may silently ignore Augeas settings or may be vulnerable to a Denial of Service condition prior to the…
medium6.5CVSS 3.1
AVNACLPRLUINSUCNINAH
A flaw was discovered in Puppet Agent where the agent may silently ignore Augeas settings or may be vulnerable to a Denial of Service condition prior to the first 'pluginsync'.
Affected
10 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | puppet | — | — |
| debian | puppet-agent | — | — |
| fedoraproject | fedora | — | — |
| puppet | puppet | >= 0 < 6.25.1 | 6.25.1 |
| puppet | puppet | >= 2021.0.0 < 2021.4.0 | 2021.4.0 |
| puppet | puppet | >= 7.0.0 < 7.12.1 | 7.12.1 |
| puppet | puppet_agent | < 6.25.1 | 6.25.1 |
| puppet | puppet_agent | 5.5.0 – 5.5.22 | — |
| puppet | puppet_agent | >= 7.0.0 < 7.12.1 | 7.12.1 |
| puppet | puppet_enterprise | < 2019.8.9 | 2019.8.9 |
CVSS provenance
nvdv3.16.5MEDIUMCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
osv6.5MEDIUM