CVSS 3 Base Score: Posted On: July 30, 2019Assessed Risk Level: LowOn May 22nd 2019, curl published security updates addressing CVE-2019-5435 and CVE-2019-5436. Previous releases of Puppet Enterprise contain a vulnerable version of curl. Puppet Enterprise 2019.1.1, 2019.0.4, and 2018.1.9 contain an updated version of curl that has patched the vulnerabilities.For more information about these vulnerabilities, refer to the security announcements for CVE-2019-5435 and CVE-2019-5436.Status:Affected software versions:Puppet Agent versions prior to 5.5.16Puppet Agent versions prior to 6.0.10Puppet Agent versions prior to 6.4.3Puppet Enterprise versions prior to 2019.1.1Puppet Enterprise versions prior to 2019.0.4Puppet Enterprise versions prior to 2018.1.9Resolved in:Puppet Agent 5.5.16Puppet Agent 6.0.10Puppet Agent 6.4.3Puppet Enterprise 2019.1.1Puppet Enterprise 2019.0.4Puppet Enterprise 2018.1.9← Back to CVE Listings
