0.006 Low
EPSS
Percentile
78.0%
A flaw was discovered in Puppet Agent and Puppet Server that may result in a leak of HTTP credentials when following HTTP redirects to a different host. This is similar to CVE-2018-1000007
github.com/puppetlabs/puppet
github.com/rubysec/ruby-advisory-db/blob/master/gems/puppet/CVE-2021-27023.yml
lists.fedoraproject.org/archives/list/[email protected]/message/62SELE7EKVKZL4GABFMVYMIIUZ7FPEF7
nvd.nist.gov/vuln/detail/CVE-2021-27023
puppet.com/security/cve/CVE-2021-27023