Overview

Puppet Forge Vulnerability Fix

  • Posted October 21, 2014

Puppet Labs has identified and fixed a potential security vulnerability in the Puppet Forge. In theory, the vector could have allowed potential account hijacking. However, log analysis revealed no evidence that the vulnerability was ever exploited.

We have updated the Puppet Forge to address the issue.