CVE-2023-5255 – Denial of Service for Revocation of Auto Renewed Certificates
https://notcve.org/view.php?id=CVE-2023-5255
For certificates that utilize the auto-renew feature in Puppet Server, a flaw exists which prevents the certificates from being revoked. Para los certificados que utilizan la función de renovación automática en Puppet Server, existe una falla que impide que los certificados sean revocados. • https://www.puppet.com/security/cve/cve-2023-5255-denial-service-revocation-auto-renewed-certificates • CWE-404: Improper Resource Shutdown or Release •
CVE-2023-1894 – puppet: Puppet Server ReDoS
https://notcve.org/view.php?id=CVE-2023-1894
A Regular Expression Denial of Service (ReDoS) issue was discovered in Puppet Server 7.9.2 certificate validation. An issue related to specifically crafted certificate names significantly slowed down server operations. A Regular expression Denial of Service (ReDoS) issue was found in the Puppet Server 7.9.2 certificate validation. An issue related to specifically crafted certificate names significantly slowed down server operations. • https://www.puppet.com/security/cve/cve-2023-1894-puppet-server-redos https://access.redhat.com/security/cve/CVE-2023-1894 https://bugzilla.redhat.com/show_bug.cgi?id=2193088 • CWE-1333: Inefficient Regular Expression Complexity •
CVE-2021-27023 – puppet: unsafe HTTP redirect
https://notcve.org/view.php?id=CVE-2021-27023
A flaw was discovered in Puppet Agent and Puppet Server that may result in a leak of HTTP credentials when following HTTP redirects to a different host. This is similar to CVE-2018-1000007 Se ha detectado un fallo en Puppet Agent y Puppet Server que puede resultar en un filtrado de credenciales HTTP cuando se siguen redirecciones HTTP a un host diferente. Esto es similar a CVE-2018-1000007 An exposure flaw was found in Puppet Agent and Puppet Server where HTTP credentials were leaked. When the HTTP redirects occurred, the authentication and cookie header was added when following redirects to a different host. This flaw allows an unauthorized network attacker to access sensitive information. • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/62SELE7EKVKZL4GABFMVYMIIUZ7FPEF7 https://puppet.com/security/cve/CVE-2021-27023 https://access.redhat.com/security/cve/CVE-2021-27023 https://bugzilla.redhat.com/show_bug.cgi?id=2023859 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2020-7943 – puppet: puppet server and puppetDB may leak sensitive information via metrics API
https://notcve.org/view.php?id=CVE-2020-7943
Puppet Server and PuppetDB provide useful performance and debugging information via their metrics API endpoints. For PuppetDB this may contain things like hostnames. Puppet Server reports resource names and titles for defined types (which may contain sensitive information) as well as function names and class names. Previously, these endpoints were open to the local network. PE 2018.1.13 & 2019.5.0, Puppet Server 6.9.2 & 5.3.12, and PuppetDB 6.9.1 & 5.2.13 disable trapperkeeper-metrics /v1 metrics API and only allows /v2 access on localhost by default. • https://puppet.com/security/cve/CVE-2020-7943 https://access.redhat.com/security/cve/CVE-2020-7943 https://bugzilla.redhat.com/show_bug.cgi?id=1828486 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-276: Incorrect Default Permissions •
CVE-2018-11751 – puppet-agent: Puppet Agent does not properly verify SSL connection when downloading a CRL
https://notcve.org/view.php?id=CVE-2018-11751
Previous versions of Puppet Agent didn't verify the peer in the SSL connection prior to downloading the CRL. This issue is resolved in Puppet Agent 6.4.0. Las versiones anteriores de Puppet Agent no comprobaban el peer en la conexión SSL antes de descargar la CRL. Este problema es resuelto en Puppet Agent versión 6.4.0. A flaw was found in Puppet, where the Puppet Agent did not verify the peer in the SSL connection before downloading to the Certificate Revocation List (CRL). • https://puppet.com/security/cve/CVE-2018-11751 https://access.redhat.com/security/cve/CVE-2018-11751 https://bugzilla.redhat.com/show_bug.cgi?id=1788261 • CWE-295: Improper Certificate Validation CWE-862: Missing Authorization •