Known vulnerabilities in Puppet Labs Puppet Enterprise

Known vulnerabilities in Puppet Labs Puppet Enterprise

Vendor: Puppet Labs

Website:

Total Security Bulletins: 16

Security bulletins (16)

Secuity bulletin	Severity	Status	Published
SB2025062614: Privilege escalation in Puppet Enterprise	Medium	Patched	26.06.2025
SB2023050457: Regular expression denial of service in Puppet Server	Medium	Patched	04.05.2023
SB2022050414: Multiple vulnerabilities in Puppet Labs products	Medium	Patched	04.05.2022
SB2021070123: Security restrictions bypass in Puppet Labs products	Low	Patched	01.07.2021
SB2018020512: Remote code execution in Puppet Enterprise	High	Patched	05.02.2018
SB2017080924: Format string error in Puppet Enterprise	High	Patched	09.08.2017
SB2017021306: Improper access control in Puppet Enterprise	Medium	Patched	13.02.2017
SB2017020926: Input validation error in Puppet Enterprise	Medium	Patched	09.02.2017
SB2016102017: Puppet Enterprise and Puppet Agent update for OpenSSL	High	Patched	20.10.2016
SB2016010803: Information disclosure in Puppet Enterprise	Low	Patched	08.01.2016
SB2014061706: Information disclosure in Puppet Enterprise	Medium	Patched	17.06.2014
SB2014031417: Insufficient session expiration in Puppet Enterprise	Low	Patched	14.03.2014
SB2014030902: Multiple vulnerabilities in Puppet Enterprise	Medium	Patched	09.03.2014
SB2013102601: Multiple vulnerabilities in Puppet Enterprise	Medium	Patched	26.10.2013
SB2013102603: Improper Authentication in Puppet Enterprise	Medium	Patched	26.10.2013
SB2013082103: Multiple vulnerabilities in Puppet Enterprise	High	Patched	21.08.2013