CVSS 3 Base Score:

Posted On:

Assessed Risk Level:
Low

On October 20th, Oracle announced several security vulnerabilities in Java. Puppet Enterprise versions prior to 2015.2.3 contained affected versions of Java. Puppet Enterprise 3.8.3 and 2015.2.3 contain updated Java packages that address the vulnerabilities. For more information about the Java vulnerabilities, refer to the Oracle security announcement

Status:

Affected software versions:
  • Puppet Enterprise 3.x
  • Puppet Enterprise 2015.2.x
Resolved in:
  • Puppet Enterprise 3.8.3
  • Puppet Enterprise 2015.2.3