Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:ebuild/app-admin/puppet@2.7.23
purl pkg:ebuild/app-admin/puppet@2.7.23
Vulnerabilities affecting this package (0)
Vulnerability Summary Fixed by
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (11)
Vulnerability Summary Aliases
VCID-3kma-3ffw-8qd9 Improper Input Validation Puppet 2.7.x before 2.7.22 and 3.2.x before 3.2.2, and Puppet Enterprise before 2.8.2, deserializes untrusted YAML, which allows remote attackers to instantiate arbitrary Ruby classes and execute arbitrary code via a crafted REST API call. CVE-2013-3567
GHSA-f7p5-w2cr-7cp7
VCID-3zzj-krc5-skea Multiple vulnerabilities have been found in Puppet, the worst of which could lead to execution of arbitrary code. CVE-2013-2275
VCID-5g6u-uvej-xbad Moderate severity vulnerability that affects puppet Unspecified vulnerability in Puppet 2.7.x before 2.7.23 and 3.2.x before 3.2.4, and Puppet Enterprise 2.8.x before 2.8.3 and 3.0.x before 3.0.1, allows remote attackers to execute arbitrary Ruby programs from the master via the resource_type service. NOTE: this vulnerability can only be exploited utilizing unspecified "local file system access" to the Puppet Master. CVE-2013-4761
GHSA-cj43-9h3w-v976
VCID-73uh-2gkm-6kgy Multiple vulnerabilities have been found in Puppet, the worst of which could lead to execution of arbitrary code. CVE-2013-4956
VCID-7jtp-a1nw-bqfs Multiple vulnerabilities have been found in Puppet, the worst of which could lead to execution of arbitrary code. CVE-2013-1640
VCID-nf2h-5vd2-6kb1 Multiple vulnerabilities have been found in Puppet, the worst of which could lead to execution of arbitrary code. CVE-2013-1653
VCID-pdpa-qfpq-zkcq Improper Input Validation Puppet 2.7.x before 2.7.21 and 3.1.x before 3.1.1, when running Ruby 1.9.3 or later, allows remote attackers to execute arbitrary code via vectors related to "serialized attributes." CVE-2013-1655
GHSA-574q-fxfj-wv6h
VCID-rfcx-7kc9-mbcr Multiple vulnerabilities have been found in Puppet, the worst of which could lead to execution of arbitrary code. CVE-2013-2274
VCID-sweb-hbec-k3ha Multiple vulnerabilities have been found in Puppet, the worst of which could lead to execution of arbitrary code. CVE-2013-1652
VCID-v9kt-4vxm-ekdw Multiple vulnerabilities have been found in Puppet, the worst of which could lead to execution of arbitrary code. CVE-2012-6120
VCID-wdwr-8m6q-kff5 Multiple vulnerabilities have been found in Puppet, the worst of which could lead to execution of arbitrary code. CVE-2013-1654

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-01T13:02:20.375751+00:00 Gentoo Importer Fixing VCID-73uh-2gkm-6kgy https://security.gentoo.org/glsa/201308-04 38.0.0
2026-04-01T13:02:20.363430+00:00 Gentoo Importer Fixing VCID-5g6u-uvej-xbad https://security.gentoo.org/glsa/201308-04 38.0.0
2026-04-01T13:02:20.353701+00:00 Gentoo Importer Fixing VCID-3kma-3ffw-8qd9 https://security.gentoo.org/glsa/201308-04 38.0.0
2026-04-01T13:02:20.343888+00:00 Gentoo Importer Fixing VCID-3zzj-krc5-skea https://security.gentoo.org/glsa/201308-04 38.0.0
2026-04-01T13:02:20.333552+00:00 Gentoo Importer Fixing VCID-rfcx-7kc9-mbcr https://security.gentoo.org/glsa/201308-04 38.0.0
2026-04-01T13:02:20.322008+00:00 Gentoo Importer Fixing VCID-pdpa-qfpq-zkcq https://security.gentoo.org/glsa/201308-04 38.0.0
2026-04-01T13:02:20.312280+00:00 Gentoo Importer Fixing VCID-wdwr-8m6q-kff5 https://security.gentoo.org/glsa/201308-04 38.0.0
2026-04-01T13:02:20.301525+00:00 Gentoo Importer Fixing VCID-nf2h-5vd2-6kb1 https://security.gentoo.org/glsa/201308-04 38.0.0
2026-04-01T13:02:20.290966+00:00 Gentoo Importer Fixing VCID-sweb-hbec-k3ha https://security.gentoo.org/glsa/201308-04 38.0.0
2026-04-01T13:02:20.278969+00:00 Gentoo Importer Fixing VCID-7jtp-a1nw-bqfs https://security.gentoo.org/glsa/201308-04 38.0.0
2026-04-01T13:02:20.267531+00:00 Gentoo Importer Fixing VCID-v9kt-4vxm-ekdw https://security.gentoo.org/glsa/201308-04 38.0.0