CVSS 3 Base Score: Posted On: August 9, 2016Assessed Risk Level: MediumOn May 23, 2016 libxml2 announced several vulnerabilities.Previous versions of Puppet Enterprise 2016.x shipped with a vulnerable version of libxml2. Puppet Enterprise 2016.2.1 and Puppet Agent 1.5.3 include an updated version of libxml2 to that fixes these vulnerabilities.For more information about these vulnerabilities, refer to the libxml2 release notes (http://xmlsoft.org/news.html). Status:Affected software versions:Puppet Agent 1.3.3 - 1.5.2Puppet Enterprise 2015.3.2 - 2015.3.3Puppet Enterprise 2016.x prior to 2016.2.1Resolved in:Puppet Agent 1.5.3Puppet Enterprise 2016.2.1← Back to CVE Listings