Your submission was sent successfully! Close

CVE-2021-27023

Published: 18 November 2021

A flaw was discovered in Puppet Agent and Puppet Server that may result in a leak of HTTP credentials when following HTTP redirects to a different host. This is similar to CVE-2018-1000007

Priority

Medium

CVSS 3 base score: 9.8

Status

Package Release Status
puppet
Launchpad, Ubuntu, Debian
bionic Needs triage

focal Needs triage

hirsute Ignored
(reached end-of-life)
impish Ignored
(reached end-of-life)
jammy Needs triage

kinetic Needs triage

trusty Needs triage

upstream
Released (6.25.1, 7.12.1)
xenial Ignored
(out of standard support)