AZL-44415

See a problem?

Import Source

https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-44415.json

JSON Data

https://api.osv.dev/v1/vulns/AZL-44415

Upstream

CVE-2015-1029

Published

2015-01-16T16:59:22Z

Modified

2026-04-21T04:26:35.422738Z

Summary

CVE-2015-1029 affecting package puppet for versions less than 7.34.0-1

Details

The puppetlabs-stdlib module 2.1 through 3.0 and 4.1.0 through 4.5.x before 4.5.1 for Puppet 2.8.8 and earlier allows remote authenticated users to gain privileges or obtain sensitive information by prepopulating the fact cache.

References

https://nvd.nist.gov/vuln/detail/CVE-2015-1029

Affected packages

Azure Linux:3 / puppet

Package

Name: puppet
Purl: pkg:rpm/azure-linux/puppet

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.34.0-1

Database specific

source

"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-44415.json"