VulnerableCode Package Details - pkg:deb/debian/puppet@0.25.4-2?distro=bullseye

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:deb/debian/puppet@0.25.4-2?distro=bullseye

purl	pkg:deb/debian/puppet@0.25.4-2?distro=bullseye

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (1)

Vulnerability	Summary	Aliases
VCID-ww8x-tzxr-4qbn	Improper Link Resolution Before File Access ('Link Following') Puppet 0.24.x before 0.24.9 and 0.25.x before 0.25.2 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/daemonout, (2) /tmp/puppetdoc.txt, (3) /tmp/puppetdoc.tex, or (4) /tmp/puppetdoc.aux temporary file.	CVE-2010-0156 GHSA-vrh7-99jh-3fmm

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T13:05:26.992941+00:00	Debian Importer	Fixing	VCID-ww8x-tzxr-4qbn	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-13T09:00:03.254781+00:00	Debian Importer	Fixing	VCID-ww8x-tzxr-4qbn	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-03T07:50:25.269317+00:00	Debian Importer	Fixing	VCID-ww8x-tzxr-4qbn	https://security-tracker.debian.org/tracker/data/json	38.1.0