Previous versions of Puppet Agent included a version of the Puppet Execution Protocol Agent allowed environment variables to be passed through to Puppet runs. This could allow unauthorized code to be loaded.
Status:
Affected Software Versions:
Puppet Agent 1.3.0 - 1.5.x
Resolved in:
Puppet Agent 1.6.0
Puppet sites use proprietary and third-party cookies. By using our sites, you agree to our cookie policy.