puppet vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the puppet package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free

Vulnerability	Vulnerable Version
M Denial of Service (DoS)	<6.25.1>=7.0.0, <7.12.1
M Information Disclosure	<6.25.1>=7.0.0, <7.12.1
M Improper Input Validation	<6.13.0
L Improper Certificate Validation	>=6.0.0, <6.4.0
M Access Restriction Bypass	>=2.7.0, <2.7.13
M Access Restriction Bypass	<2.6.18>=2.7.0, <2.7.21>=3.1.0, <3.1.1
H Deserialization of Untrusted Data	<4.10.1
H Arbitrary Code Loading	<5.3.7>=5.4.0, <5.5.2
H Privilege Escalation	<5.3.7>=5.4.0, <5.5.2
H Privilege Escalation	<5.3.7>=5.4.0, <5.5.2
M Information Exposure	<5.3.4
M Insecure Permissions	<5.3.4
C Unauthorized Endpoint Access	>=4.0.0, <4.4.2
M Information Exposure	<3.6.2
H Arbitrary Code Execution	<2.7.26>=3.0.0, <3.6.2
M Privilege Escalation via Symlink Attack	>=2.0.0, <2.7.25>=3.0.0, <3.4.2
M Information Exposure	>=2.7.14, <2.7.23>=3.0.0, <3.2.4
M Remote Code Execution (RCE)	>=2.0.0, <2.7.23>=3.0.0, <3.2.4
H Remote Code Execution (RCE)	>=2.7.0, <2.7.22>=3.0.0, <3.2.2
M Information Exposure	<2.6.18>=2.7.0, <2.7.21>=3.0.0, <3.1.1
M Remote Code Execution (RCE)	<2.6.18>=2.7.0, <2.7.21>=3.0.0, <3.1.1
M Remote Code Execution (RCE)	>=2.6.0, <2.6.18>=2.7.0, <2.7.21>=3.0.0, <3.1.1
H Remote Code Execution (RCE)	>=2.6.0, <2.6.18>=2.7.0, <2.7.21>=3.0.0, <3.1.1
H Remote Code Execution (RCE)	<2.6.18>=2.7.0, <2.7.21>=3.0.0, <3.1.1
M Insufficient Input Validation	>=2.7.0, <2.7.18<2.6.17
M Information Exposure	>=2.7.0, <2.7.18
L Directory Traversal	>=2.7.0, <2.7.18<2.6.17
M Arbitrary File Access	>=2.7.0, <2.7.18<2.6.17
L Agent Impersonation	<2.7.18
M Arbitrary Code Execution	<2.6.15>=2.7.0, <2.7.13
L Denial of Service (DoS)	<2.6.15>=2.7.0, <2.7.13
L Arbitrary File Read Access	<2.6.15>=2.7.0, <2.7.13
M Symlink Attack	<2.6.15>=2.7.0, <2.7.13
M Local Privilege Escalation via Symlink Attack	<2.6.15>=2.7.0, <2.7.12
H Group Privilege Escalation	<2.6.14>=2.7.0, <2.7.1
L Man-in-the-Middle (MitM)	<2.6.12>=2.7.0, <2.7.6
L File injection	<2.6.11>=2.7.0, <2.7.5
H Arbitrary Code Execution via Symlink attack	<2.6.11>=2.7.0, <2.7.5
H Local Privilege Escalation via Symlink Attack	<2.6.11>=2.7.0, <2.7.5
H Local Privilege Escalation	<2.6.11>=2.7.0, <2.7.5
M Directory Traversal	<2.6.10>=2.7.0, <2.7.4
M Information Exposure	>=2.6.0, <2.6.4
M Arbitrary File Access	<0.24.8>=0.25.0, <0.25.2

Vulnerability

Vulnerable Version

Denial of Service (DoS)

<6.25.1>=7.0.0, <7.12.1