GHSA-6xxq-j39w-g3f6

Suggest an improvement
Source
https://github.com/advisories/GHSA-6xxq-j39w-g3f6
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-6xxq-j39w-g3f6/GHSA-6xxq-j39w-g3f6.json
JSON Data
https://api.osv.dev/v1/vulns/GHSA-6xxq-j39w-g3f6
Aliases
Published
2022-05-14T00:56:45Z
Modified
2024-12-03T06:08:23.760847Z
Summary
Puppet Arbitrary Command Execution
Details

Puppet 2.6.x before 2.6.15 and 2.7.x before 2.7.13, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x, and 2.5.x before 2.5.1 allows remote authenticated users with agent SSL keys and file-creation permissions on the puppet master to execute arbitrary commands by creating a file whose full pathname contains shell metacharacters, then performing a filebucket request.

Database specific
{
    "nvd_published_at": "2012-05-29T20:55:00Z",
    "cwe_ids": [
        "CWE-77",
        "CWE-78"
    ],
    "severity": "MODERATE",
    "github_reviewed": true,
    "github_reviewed_at": "2024-01-12T16:30:38Z"
}
References

Affected packages

RubyGems / puppet

Package

Name
puppet
Purl
pkg:gem/puppet

Affected ranges

Type
ECOSYSTEM
Events
Introduced
2.6.0
Fixed
2.6.15

Affected versions

2.*

2.6.0
2.6.1
2.6.2
2.6.3
2.6.4
2.6.5
2.6.6
2.6.7
2.6.8
2.6.9
2.6.10
2.6.11
2.6.12
2.6.13
2.6.14

RubyGems / puppet

Package

Name
puppet
Purl
pkg:gem/puppet

Affected ranges

Type
ECOSYSTEM
Events
Introduced
2.7.0
Fixed
2.7.13

Affected versions

2.*

2.7.1
2.7.3
2.7.4
2.7.5
2.7.6
2.7.8
2.7.9
2.7.11
2.7.12