CVSS 3 Base Score:
Posted On:
Assessed Risk Level:
On May 25, 2021 F5 (Nginx) published security updates addressing CVE-2021-23017 (High). Previous releases of Puppet Enterprise contain a vulnerable version of nginx. Puppet Enterprise 2021.2, 2019.8.7 contain an updated version of nginx that has patched the vulnerabilities.
For more information about this vulnerability, refer to the security announcements for CVE-2021-23017
Status:
Affected software versions:- Puppet Agent 6 versions prior to 6.23.0
- Puppet Agent 7 versions prior to 7.8.0
- Puppet Enterprise prior to 2021.2
- Puppet Enterprise prior to 2019.8.7
- Puppet Agent 6.23.0
- Puppet Agent 7.8.0
- Puppet Enterprise 2021.2
- Puppet Enterprise 2019.8.7