Описание
A flaw was discovered in Puppet Agent where the agent may silently ignore Augeas settings or may be vulnerable to a Denial of Service condition prior to the first 'pluginsync'.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| puppet-agent | not-affected | package | ||
| puppet | removed | package | ||
| puppet | ignored | bullseye | package | |
| puppet | ignored | buster | package | |
| puppet | ignored | stretch | package |
Примечания
https://puppet.com/security/cve/cve-2021-27025
https://github.com/puppetlabs/puppet/commit/da8b73edca174309a9bef5f62cd276933fe733e8 (6.25.1)
Limited impact, needs a malformed custom type provider
EPSS
Связанные уязвимости
A flaw was discovered in Puppet Agent where the agent may silently ignore Augeas settings or may be vulnerable to a Denial of Service condition prior to the first 'pluginsync'.
A flaw was discovered in Puppet Agent where the agent may silently ignore Augeas settings or may be vulnerable to a Denial of Service condition prior to the first 'pluginsync'.
A flaw was discovered in Puppet Agent where the agent may silently ignore Augeas settings or may be vulnerable to a Denial of Service condition prior to the first 'pluginsync'.
Уязвимость приложения для запуска Puppet Agent, связанная с ошибками управления ресурсами, позволяющая нарушителю вызвать отказ в обслуживании
EPSS