CVSS 3 Base Score: Posted On: October 6, 2009Assessed Risk Level: None puppetmasterd in puppet 0.24.6 does not reset supplementary groups when it switches to a different user, which might allow local users to access restricted files. Status:Affected software versions: Resolved in:Resolved in Puppet 0.25.2 and 0.24.9← Back to CVE Listings