GHSA-q4g7-jrxv-67r9
Suggest an improvement- Source
- https://github.com/advisories/GHSA-q4g7-jrxv-67r9
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2021/12/GHSA-q4g7-jrxv-67r9/GHSA-q4g7-jrxv-67r9.json
- JSON Data
- https://api.osv.dev/v1/vulns/GHSA-q4g7-jrxv-67r9
- Aliases
- Published
- 2021-12-02T17:54:25Z
- Modified
- 2024-11-29T05:38:21.945843Z
- Severity
-
- 6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- Silent Configuration Failure in Puppet Agent
- Details
-
A flaw was discovered in Puppet Agent where the agent may silently ignore Augeas settings or may be vulnerable to a Denial of Service condition prior to the first 'pluginsync'.
- Database specific
{ "nvd_published_at": "2021-11-18T15:15:00Z", "github_reviewed_at": "2021-11-30T14:35:55Z", "cwe_ids": [], "severity": "MODERATE", "github_reviewed": true }- References
-
- https://nvd.nist.gov/vuln/detail/CVE-2021-27025
- https://github.com/puppetlabs/puppet
- https://github.com/rubysec/ruby-advisory-db/blob/master/gems/puppet/CVE-2021-27025.yml
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/62SELE7EKVKZL4GABFMVYMIIUZ7FPEF7
- https://puppet.com/security/cve/cve-2021-27025
Affected packages
RubyGems / puppet
Package
- Name
- puppet
- Purl
- pkg:gem/puppet
RubyGems / puppet
Package
- Name
- puppet
- Purl
- pkg:gem/puppet
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed6.25.1
Affected versions
0.*
0.9.2
0.13.0
0.13.1
0.13.2
0.13.6
0.16.0
0.18.4
0.22.4
0.23.0
0.23.1
0.23.2
0.24.0
0.24.1
0.24.2
0.24.3
0.24.4
0.24.5
0.24.6
0.24.7
0.24.8
0.24.9
0.25.0
0.25.1
0.25.2
0.25.3
0.25.4
0.25.5
2.*
2.6.0
2.6.1
2.6.2
2.6.3
2.6.4
2.6.5
2.6.6
2.6.7
2.6.8
2.6.9
2.6.10
2.6.11
2.6.12
2.6.13
2.6.14
2.6.15
2.6.16
2.6.17
2.6.18
2.7.1
2.7.3
2.7.4
2.7.5
2.7.6
2.7.8
2.7.9
2.7.11
2.7.12
2.7.13
2.7.14
2.7.16
2.7.17
2.7.18
2.7.19
2.7.20.rc1
2.7.20
2.7.21
2.7.22
2.7.23
2.7.24
2.7.25
2.7.26
3.*
3.0.0.rc4
3.0.0.rc5
3.0.0.rc7
3.0.0.rc8
3.0.0
3.0.1.rc1
3.0.1
3.0.2.rc1
3.0.2.rc2
3.0.2.rc3
3.0.2
3.1.0.rc1
3.1.0.rc2
3.1.0
3.1.1
3.2.0.rc1
3.2.0.rc2
3.2.1.rc1
3.2.1
3.2.2
3.2.3.rc1
3.2.3
3.2.4
3.3.0.rc2
3.3.0.rc3
3.3.0
3.3.1.rc1
3.3.1.rc2
3.3.1.rc3
3.3.1
3.3.2
3.4.0.rc1
3.4.0.rc2
3.4.0
3.4.1
3.4.2
3.4.3
3.5.0.rc1
3.5.0.rc2
3.5.0.rc3
3.5.1.rc1
3.5.1
3.6.0.rc1
3.6.0
3.6.1
3.6.2
3.7.0
3.7.1
3.7.2
3.7.3
3.7.4
3.7.5
3.8.1
3.8.2
3.8.3
3.8.4
3.8.5
3.8.6
3.8.7
4.*
4.0.0.rc1
4.0.0
4.1.0
4.2.0
4.2.1
4.2.2
4.2.3
4.3.0
4.3.1
4.3.2
4.4.0
4.4.1
4.4.2
4.5.0
4.5.1
4.5.2
4.5.3
4.6.1
4.6.2
4.7.0
4.7.1
4.8.0
4.8.1
4.8.2
4.9.0
4.9.1
4.9.2
4.9.3
4.9.4
4.10.0
4.10.1
4.10.4
4.10.5
4.10.6
4.10.7
4.10.8
4.10.9
4.10.10
4.10.11
4.10.12
5.*
5.0.0
5.0.1
5.1.0
5.2.0
5.3.1
5.3.2
5.3.3
5.3.4
5.3.5
5.3.6
5.3.7
5.4.0
5.5.0
5.5.1
5.5.2
5.5.3
5.5.6
5.5.7
5.5.8
5.5.10
5.5.12
5.5.13
5.5.14
5.5.16
5.5.17
5.5.18
5.5.19
5.5.20
5.5.21
5.5.22
6.*
6.0.0
6.0.1
6.0.2
6.0.3
6.0.4
6.0.5
6.0.7
6.0.8
6.0.9
6.0.10
6.1.0
6.2.0
6.3.0
6.4.0
6.4.1
6.4.2
6.4.3
6.4.4
6.4.5
6.5.0
6.6.0
6.7.0
6.7.2
6.8.0
6.8.1
6.9.0
6.10.0
6.10.1
6.11.0
6.11.1
6.12.0
6.13.0
6.14.0
6.15.0
6.16.0
6.17.0
6.18.0
6.19.0
6.19.1
6.20.0
6.21.0
6.21.1
6.22.1
6.23.0
6.24.0
6.25.0