Lucene search
Veracode Vulnerability DatabaseVERACODE:38125HistoryNov 21, 2022 - 3:50 a.m.
Information Disclosure
2022-11-2103:50:15
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
123
puppet vulnerability http disclosure
EPSS
0.002
Percentile
64.7%
puppet is vulnerable to information disclosure. The vulnerability exists due to HTTP credential leaking when following HTTP redirects to a different host.
References
access.redhat.com/security/cve/cve-2021-27023
bugzilla.suse.com/show_bug.cgi?id=1192797
github.com/advisories/GHSA-93j5-g845-9wqp
github.com/puppetlabs/puppet/commit/9a8d3ef017cf63ce0f848ec64394f7bad287e825
github.com/puppetlabs/puppet/commit/e90023a8b54a58073d71dae655d7636e2c9bcc61
github.com/puppetlabs/puppet/pull/8811
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/62SELE7EKVKZL4GABFMVYMIIUZ7FPEF7/
lists.fedoraproject.org/archives/list/[email protected]/message/62SELE7EKVKZL4GABFMVYMIIUZ7FPEF7/
puppet.com/security/cve/CVE-2021-27023
Related
cnvd
cnvd
Puppet Server Information Disclosure Vulnerability
2021-11-13 00:00:00
redhatcve
redhatcve
CVE-2021-27023
2021-11-16 18:08:17
nessus
nessus
redhat
redhat
(RHSA-2022:1478) Important: Satellite 6.9.9 Async Bug Fix Update
2022-04-20 20:12:28
(RHSA-2022:1708) Important: Satellite 6.10.5 Async Bug Fix Update
2022-05-04 12:54:25
(RHSA-2022:4866) Important: Satellite Tools 6.10.5 Async Bug Fix Update
2022-06-01 13:30:58
fedora
fedora
[SECURITY] Fedora 35 Update: puppet-7.12.1-1.fc35
2021-11-28 00:45:39
github
github
Unsafe HTTP Redirect in Puppet Agent and Puppet Server
2021-12-02 17:52:45
osv
osv
Unsafe HTTP Redirect in Puppet Agent and Puppet Server
2021-12-02 17:52:45
CVE-2021-27023
2021-11-18 15:15:09
debiancve
debiancve
CVE-2021-27023
2021-11-18 15:15:09
nvd
nvd
CVE-2021-27023
2021-11-18 15:15:09
cvelist
cvelist
CVE-2021-27023
2021-11-18 14:33:18
prion
prion
Heap overflow
2021-11-18 15:15:00
ubuntucve
ubuntucve
CVE-2021-27023
2021-11-18 00:00:00
cve
cve
CVE-2021-27023
2021-11-18 15:15:09
freebsd
freebsd
puppet -- Unsafe HTTP Redirect
2021-11-09 00:00:00
rubygems
rubygems
Unsafe HTTP Redirect in Puppet Agent and Puppet Server
2021-12-01 21:00:00
openvas
openvas
Fedora: Security Advisory for puppet (FEDORA-2021-1c0e788093)
2021-12-04 00:00:00