Puppet Continuous Delivery
By the Year
In 2024 there have been 0 vulnerabilities in Puppet Continuous Delivery . Continuous Delivery did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2024 | 0 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 0 | 0.00 |
| 2021 | 1 | 8.10 |
| 2020 | 1 | 7.70 |
| 2019 | 1 | 6.50 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Continuous Delivery vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Puppet Continuous Delivery Security Vulnerabilities
A flaw was discovered in Continuous Delivery for Puppet Enterprise (CD4PE)
CVE-2021-27024
8.1 - High
- November 18, 2021
A flaw was discovered in Continuous Delivery for Puppet Enterprise (CD4PE) that results in a user with lower privileges being able to access a Puppet Enterprise API token. This issue is resolved in CD4PE 4.10.0
In Continuous Delivery for Puppet Enterprise (CD4PE) before 3.4.0, changes to resources or classes containing Sensitive parameters
CVE-2020-7944
7.7 - High
- March 26, 2020
In Continuous Delivery for Puppet Enterprise (CD4PE) before 3.4.0, changes to resources or classes containing Sensitive parameters can result in the Sensitive parameters ending up in the impact analysis report.
Information Disclosure
When using the cd4pe::root_configuration task to configure a Continuous Delivery for PE installation
CVE-2019-10695
6.5 - Medium
- December 12, 2019
When using the cd4pe::root_configuration task to configure a Continuous Delivery for PE installation, the root users username and password were exposed in the jobs Job Details pane in the PE console. These issues have been resolved in version 1.2.1 of the puppetlabs/cd4pe module.
Insertion of Sensitive Information into Log File
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Puppet Continuous Delivery or by Puppet? Click the Watch button to subscribe.
