puppet vulnerabilities

licenses detected
- Apache-2.0
  >=0

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the puppet package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability	Vulnerable Version
M Denial of Service (DoS)	<6.25.1 >=7.0.0, <7.12.1
M Information Disclosure	<6.25.1 >=7.0.0, <7.12.1
M Improper Input Validation	<6.13.0
L Improper Certificate Validation	>=6.0.0, <6.4.0
M Access Restriction Bypass	>=2.7.0, <2.7.13
M Access Restriction Bypass	<2.6.18 >=2.7.0, <2.7.21 >=3.1.0, <3.1.1
H Deserialization of Untrusted Data	<4.10.1
H Arbitrary Code Loading	<5.3.7 >=5.4.0, <5.5.2
H Privilege Escalation	<5.3.7 >=5.4.0, <5.5.2
H Privilege Escalation	<5.3.7 >=5.4.0, <5.5.2
M Information Exposure	<5.3.4
M Insecure Permissions	<5.3.4
C Unauthorized Endpoint Access	>=4.0.0, <4.4.2
M Information Exposure	<3.6.2
H Arbitrary Code Execution	<2.7.26 >=3.0.0, <3.6.2
M Privilege Escalation via Symlink Attack	>=2.0.0, <2.7.25 >=3.0.0, <3.4.2
M Information Exposure	>=2.7.14, <2.7.23 >=3.0.0, <3.2.4
M Remote Code Execution	>=2.0.0, <2.7.23 >=3.0.0, <3.2.4
H Remote Code Execution	>=2.7.0, <2.7.22 >=3.0.0, <3.2.2
M Information Exposure	<2.6.18 >=2.7.0, <2.7.21 >=3.0.0, <3.1.1
M Remote Code Execution	<2.6.18 >=2.7.0, <2.7.21 >=3.0.0, <3.1.1
M Remote Code Execution	>=2.6.0, <2.6.18 >=2.7.0, <2.7.21 >=3.0.0, <3.1.1
H Remote Code Execution	>=2.6.0, <2.6.18 >=2.7.0, <2.7.21 >=3.0.0, <3.1.1
H Remote Code Execution	<2.6.18 >=2.7.0, <2.7.21 >=3.0.0, <3.1.1
M Insufficient Input Validation	>=2.7.0, <2.7.18 <2.6.17
M Information Exposure	>=2.7.0, <2.7.18
L Directory Traversal	>=2.7.0, <2.7.18 <2.6.17
M Arbitrary File Access	>=2.7.0, <2.7.18 <2.6.17
L Agent Impersonation	<2.7.18
M Arbitrary Code Execution	<2.6.15 >=2.7.0, <2.7.13
L Denial of Service (DoS)	<2.6.15 >=2.7.0, <2.7.13
L Arbitrary File Read Access	<2.6.15 >=2.7.0, <2.7.13
M Symlink Attack	<2.6.15 >=2.7.0, <2.7.13
M Local Privilege Escalation via Symlink Attack	<2.6.15 >=2.7.0, <2.7.12
H Group Privilege Escalation	<2.6.14 >=2.7.0, <2.7.1
L Man-in-the-Middle (MitM)	<2.6.12 >=2.7.0, <2.7.6
L File injection	<2.6.11 >=2.7.0, <2.7.5
H Arbitrary Code Execution via Symlink attack	<2.6.11 >=2.7.0, <2.7.5
H Local Privilege Escalation via Symlink Attack	<2.6.11 >=2.7.0, <2.7.5
H Local Privilege Escalation	<2.6.11 >=2.7.0, <2.7.5
M Directory Traversal	<2.6.10 >=2.7.0, <2.7.4
M Information Exposure	>=2.6.0, <2.6.4
M Arbitrary File Access	<0.24.8 >=0.25.0, <0.25.2

puppet vulnerabilities

licenses detected

Direct Vulnerabilities