Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/puppet@4.8.2-5
purl pkg:deb/debian/puppet@4.8.2-5
Next non-vulnerable version 5.5.10-4
Latest non-vulnerable version 5.5.10-4
Risk 3.1
Vulnerabilities affecting this package (1)
Vulnerability Summary Fixed by
VCID-8xgm-pabz-hkeg
Aliases:
CVE-2017-10689
GHSA-vw22-465p-8j5w
Improper Privilege Management In previous versions of Puppet Agent it was possible to install a module with world writable permissions. Puppet Agent 5.3.4 and 1.10.10 included a fix to this vulnerability.
5.5.10-4
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (1)
Vulnerability Summary Aliases
VCID-18aq-72zg-3uc9 puppet: Unsafe YAML deserialization CVE-2017-2295

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-15T20:56:30.410821+00:00 Debian Oval Importer Fixing VCID-18aq-72zg-3uc9 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T16:44:16.058619+00:00 Debian Oval Importer Affected by VCID-8xgm-pabz-hkeg https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-11T20:36:53.058111+00:00 Debian Oval Importer Fixing VCID-18aq-72zg-3uc9 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T16:31:06.380802+00:00 Debian Oval Importer Affected by VCID-8xgm-pabz-hkeg https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-08T20:16:58.964887+00:00 Debian Oval Importer Fixing VCID-18aq-72zg-3uc9 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T16:22:17.047904+00:00 Debian Oval Importer Affected by VCID-8xgm-pabz-hkeg https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0