Vulnerabilities (CVE)

Filtered by vendor Puppet Subscribe

Filtered by product Continuous Delivery

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2021-27024	1 Puppet	1 Continuous Delivery	2022-07-12	5.5 MEDIUM	8.1 HIGH
A flaw was discovered in Continuous Delivery for Puppet Enterprise (CD4PE) that results in a user with lower privileges being able to access a Puppet Enterprise API token. This issue is resolved in CD4PE 4.10.0
CVE-2020-7944	1 Puppet	1 Continuous Delivery	2020-04-01	4.0 MEDIUM	7.7 HIGH
In Continuous Delivery for Puppet Enterprise (CD4PE) before 3.4.0, changes to resources or classes containing Sensitive parameters can result in the Sensitive parameters ending up in the impact analysis report.