CVSS 3 Base Score:
Posted On:
Assessed Risk Level:
On March 31, 2021, curl published security updates addressing CVE-2021-22876 and CVE-2021-22890. Previous releases of Puppet Agent contain a vulnerable version of curl. Puppet Agent 6.22.1 and 7.6.1 contain an updated version of curl that has patched the vulnerability
For more information about this vulnerability, refer to the security announcements for:
Status:
Affected software versions:- Puppet Agent 6.x prior to 6.22.1
- Puppet Agent 7.x prior to 7.6.1
- Puppet Enterprise prior to 2019.8.6
- Puppet Agent 6.22.1
- Puppet Agent 7.6.1
- Puppet Enterprise 2019.8.6
- Puppet Enterprise 2021.1.0