ADVISORIES

• CVE-2021-27025 (NVD)
• GHSA-q4g7-jrxv-67r9
• Vendor Advisory

GEM

puppet

SEVERITY

CVSS v3.x: 6.5 (Medium)

PATCHED VERSIONS

• ~> 6.25.1
• >= 7.12.1

DESCRIPTION

A flaw was discovered in Puppet Agent where the agent may silently ignore Augeas settings or may be vulnerable to a Denial of Service condition prior to the first ‘pluginsync’.