CVE-2018-11751

Опубликовано: 16 дек. 2019

Источник: debian

EPSS Низкий

Описание

Previous versions of Puppet Agent didn't verify the peer in the SSL connection prior to downloading the CRL. This issue is resolved in Puppet Agent 6.4.0.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
puppet	not-affected			package

Примечания

https://puppet.com/security/cve/CVE-2018-11751/
https://tickets.puppetlabs.com/browse/PUP-9459
https://github.com/puppetlabs/puppet/commit/b49c11b6425738441d6f33285d2630fa434a123e

EPSS

Процентиль: 45%

0.00223

Низкий

Связанные уязвимости

CVE-2018-11751

CVSS3: 5.4

ubuntu

около 6 лет назад

Previous versions of Puppet Agent didn't verify the peer in the SSL connection prior to downloading the CRL. This issue is resolved in Puppet Agent 6.4.0.

CVE-2018-11751

CVSS3: 3.7

redhat

около 6 лет назад

Previous versions of Puppet Agent didn't verify the peer in the SSL connection prior to downloading the CRL. This issue is resolved in Puppet Agent 6.4.0.

CVE-2018-11751

CVSS3: 5.4

nvd

около 6 лет назад

Previous versions of Puppet Agent didn't verify the peer in the SSL connection prior to downloading the CRL. This issue is resolved in Puppet Agent 6.4.0.

GHSA-vvrg-mw82-38g2

github

больше 3 лет назад

Previous versions of Puppet Agent didn't verify the peer in the SSL connection prior to downloading the CRL. This issue is resolved in Puppet Agent 6.4.0.

EPSS

Процентиль: 45%

0.00223

Низкий