CVE-2017-10689

Опубликовано: 09 фев. 2018

Источник: debian

Описание

In previous versions of Puppet Agent it was possible to install a module with world writable permissions. Puppet Agent 5.3.4 and 1.10.10 included a fix to this vulnerability.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
puppet	fixed	5.4.0-1		package
puppet	no-dsa		stretch	package
puppet	no-dsa		jessie	package
puppet	not-affected		wheezy	package

Примечания

https://puppet.com/security/cve/CVE-2017-10689
https://tickets.puppetlabs.com/browse/PUP-7866
https://github.com/puppetlabs/puppet/commit/17d9e02da3882e44c1876e2805cf9708481715ee
https://github.com/puppetlabs/puppet/commit/983154f7e29a2a50d416d889a6fed012b9b12399

Связанные уязвимости

CVE-2017-10689

CVSS3: 5.5

ubuntu

почти 8 лет назад

In previous versions of Puppet Agent it was possible to install a module with world writable permissions. Puppet Agent 5.3.4 and 1.10.10 included a fix to this vulnerability.

CVE-2017-10689

CVSS3: 2.8

redhat

больше 8 лет назад

In previous versions of Puppet Agent it was possible to install a module with world writable permissions. Puppet Agent 5.3.4 and 1.10.10 included a fix to this vulnerability.

CVE-2017-10689

CVSS3: 5.5

nvd

почти 8 лет назад

In previous versions of Puppet Agent it was possible to install a module with world writable permissions. Puppet Agent 5.3.4 and 1.10.10 included a fix to this vulnerability.

openSUSE-SU-2018:0471-1

suse-cvrf

почти 8 лет назад

Security update for rubygem-puppet

SUSE-SU-2018:0602-1

suse-cvrf

почти 8 лет назад

Security update for rubygem-puppet