Puppet — Vulnerabilities & Security Advisories 37

Browse all 37 CVE security advisories affecting Puppet. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by Puppet:Puppet Enterprise Puppet Agent Bolt Puppet Discovery PEADM Forge Module puppetlabs-mysql puppetlabs-apt Firewall Module Puppet Chloride pe-client-tools Puppet Enterprise and Puppet Agent Puppet Enterprise 2018.1.x prior to 2018.1.1, razor-server and pe-razor-server prior to 1.9.0.0 puppetlabs-apache mcollective Puppet server mcollective, Puppet, Puppet Enterprise mcollective-puppet-agent plugin

CVE ID	Title	CVSS	Severity	Published
CVE-2024-9160	Security Misconfiguration in Forge module PEADM — PEADM Forge ModuleCWE-295	9.1^AI	Critical^AI	2024-09-27
CVE-2023-5309	Broken Session Management in Puppet Enterprise — Puppet EnterpriseCWE-384	6.8	Medium	2023-11-07
CVE-2023-5214	CVE-2023-5214 - Privilege Escalation in Puppet Bolt — BoltCWE-269	6.5	Medium	2023-10-06
CVE-2023-5255	Denial of Service for Revocation of Auto Renewed Certificates — Puppet EnterpriseCWE-404	4.4	Medium	2023-10-03
CVE-2023-2530	Puppet 安全漏洞 — Puppet Enterprise	8.8	-	2023-06-07
CVE-2023-1894	Puppet Server 安全漏洞 — Puppet Enterprise	7.5	-	2023-05-04
CVE-2022-3276	Puppetlabs-mysql Command Injection — puppetlabs-mysqlCWE-78	8.4	High	2022-10-07
CVE-2022-3275	Puppetlabs-apt Command Injection — puppetlabs-aptCWE-78	8.4	High	2022-10-07
CVE-2022-2394	Sensitive Parameter Exposure in Puppet Bolt prior to 3.24 — BoltCWE-200	4.1	Medium	2022-07-19
CVE-2022-0675	Puppet Firewall Module May Leave Unmanaged Rules — Firewall ModuleCWE-1289	5.6	Medium	2022-03-02
CVE-2020-7942	Puppet 信任管理问题漏洞 — Puppet	6.5	-	2020-02-19
CVE-2018-11747	Puppet Discovery 信任管理问题漏洞 — Puppet Discovery	9.8	-	2019-03-17
CVE-2018-6517	chloride 安全漏洞 — Chloride	7.5	-	2019-03-17
CVE-2018-11749	Puppet Enterprise 信息泄露漏洞 — Puppet Enterprise	8.8	-	2018-08-24
CVE-2018-11746	Puppet Discovery can leak authentication information — Puppet Discovery	9.1	-	2018-07-03
CVE-2018-6516	PE client tools for Windows 安全漏洞 — pe-client-tools	7.8	-	2018-06-14
CVE-2018-6515	Puppet Agent for Windows 输入验证漏洞 — Puppet Agent	7.8	-	2018-06-11
CVE-2018-6514	Puppet Agent for Windows 安全漏洞 — Puppet Agent	7.8	-	2018-06-11
CVE-2018-6513	Puppet Enterprise和Puppet Agent 权限许可和访问控制问题漏洞 — Puppet Enterprise and Puppet Agent	8.8	-	2018-06-11
CVE-2018-6512	Puppet Enterprise、razor-server和pe-razor-server 代码注入漏洞 — Puppet Enterprise 2018.1.x prior to 2018.1.1, razor-server and pe-razor-server prior to 1.9.0.0	9.8	-	2018-06-11
CVE-2018-6510	XSS Vulnerability in Puppet Enterprise Console — Puppet Enterprise	5.4	-	2018-05-08
CVE-2018-6511	XSS Vulnerability in Puppet Enterprise Console — Puppet Enterprise	5.4	-	2018-05-08
CVE-2018-6508	Puppet Enterprise 安全漏洞 — Puppet Enterprise	8.0	-	2018-02-09
CVE-2017-10690	Puppet Agent 安全漏洞 — Puppet Enterprise	6.5	-	2018-02-09
CVE-2017-10689	Puppet Agent 安全漏洞 — Puppet Enterprise	7.1	-	2018-02-09
CVE-2017-2297	Puppet 授权问题漏洞 — Puppet Enterprise	8.8	-	2018-02-01
CVE-2017-2296	Puppet Enterprise 安全漏洞 — Puppet Enterprise	6.5	-	2018-02-01
CVE-2017-2293	Puppet Enterprise MCollective服务器安全漏洞 — Puppet Enterprise	4.9	-	2018-02-01
CVE-2016-5713	Puppet Agent PXP agent 安全漏洞 — Puppet Agent	9.8	-	2017-12-06
CVE-2017-2299	puppetlabs-apache模块信息泄露漏洞 — puppetlabs-apache	7.5	-	2017-09-15

This page lists every published CVE security advisory associated with Puppet. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.

Goal Reached Thanks to every supporter — we hit 100%!

Puppet — Vulnerabilities & Security Advisories 37