CVE-2021-27019 - Verbose error messages

  • Posted May 4, 2021

  • Assessed Risk Level: Low

  • CVSS 3.1 Base Score: 3.1

PuppetDB logging included potentially sensitive system information. This has been resolved in PuppetDB 6.16.1 and 7.3.1 and in Puppet Enterprise 2019.8.6 and 2021.1.0.

Status:

Affected software versions:

  • PuppetDB 6.x prior to 6.16.1
  • PuppetDB 7.x prior to 7.3.1
  • Puppet Enterprise prior to 2019.8.6

Resolved in:

  • PuppetDB 6.16.1
  • PuppetDB 7.3.1
  • Puppet Enterprise 2019.8.6
  • Puppet Enterprise 2021.1.0
Puppet sites use proprietary and third-party cookies. By using our sites, you agree to our cookie policy.