CVE-2018-6508

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2018-6508

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-6508.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2018-6508

Related

UBUNTU-CVE-2018-6508

Published

2018-02-09T20:29:00Z

Modified

2024-11-21T04:10:47Z

Severity

8.0 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

Puppet Enterprise 2017.3.x prior to 2017.3.3 are vulnerable to a remote execution bug when a specially crafted string was passed into the factertask or puppetconf tasks. This vulnerability only affects tasks in the affected modules, if you are not using puppet tasks you are not affected by this vulnerability.

References

Affected packages

Debian:11 / puppet-module-puppetlabs-apache

Package

Name: puppet-module-puppetlabs-apache
Purl: pkg:deb/debian/puppet-module-puppetlabs-apache?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.0.0-1

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:12 / puppet-module-puppetlabs-apache

Package

Name: puppet-module-puppetlabs-apache
Purl: pkg:deb/debian/puppet-module-puppetlabs-apache?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.0.0-1

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:13 / puppet-module-puppetlabs-apache

Package

Name: puppet-module-puppetlabs-apache
Purl: pkg:deb/debian/puppet-module-puppetlabs-apache?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.0.0-1

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:11 / puppet-module-puppetlabs-apt

Package

Name: puppet-module-puppetlabs-apt
Purl: pkg:deb/debian/puppet-module-puppetlabs-apt?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.5.1-1

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:12 / puppet-module-puppetlabs-apt

Package

Name: puppet-module-puppetlabs-apt
Purl: pkg:deb/debian/puppet-module-puppetlabs-apt?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.5.1-1

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:13 / puppet-module-puppetlabs-apt

Package

Name: puppet-module-puppetlabs-apt
Purl: pkg:deb/debian/puppet-module-puppetlabs-apt?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.5.1-1

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:11 / puppet-module-puppetlabs-mysql

Package

Name: puppet-module-puppetlabs-mysql
Purl: pkg:deb/debian/puppet-module-puppetlabs-mysql?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.3.0-1

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:12 / puppet-module-puppetlabs-mysql

Package

Name: puppet-module-puppetlabs-mysql
Purl: pkg:deb/debian/puppet-module-puppetlabs-mysql?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.3.0-1

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:13 / puppet-module-puppetlabs-mysql

Package

Name: puppet-module-puppetlabs-mysql
Purl: pkg:deb/debian/puppet-module-puppetlabs-mysql?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.3.0-1

Ecosystem specific

{
    "urgency": "unimportant"
}