Search for packages
| purl | pkg:rpm/redhat/puppetserver@6.18.0-1?arch=el7sat |
| Next non-vulnerable version | None. |
| Latest non-vulnerable version | None. |
| Risk | 4.4 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-qdsk-m9ye-z3a4
Aliases: CVE-2021-27023 GHSA-93j5-g845-9wqp |
Unsafe HTTP Redirect in Puppet Agent and Puppet Server A flaw was discovered in Puppet Agent and Puppet Server that may result in a leak of HTTP credentials when following HTTP redirects to a different host. This is similar to CVE-2018-1000007 | There are no reported fixed by versions. |
|
VCID-s94z-5sd6-33dk
Aliases: CVE-2021-27025 GHSA-q4g7-jrxv-67r9 |
Silent Configuration Failure in Puppet Agent A flaw was discovered in Puppet Agent where the agent may silently ignore Augeas settings or may be vulnerable to a Denial of Service condition prior to the first 'pluginsync'. | There are no reported fixed by versions. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-01T14:01:03.219637+00:00 | RedHat Importer | Affected by | VCID-qdsk-m9ye-z3a4 | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-27023.json | 38.0.0 |
| 2026-04-01T14:01:03.126633+00:00 | RedHat Importer | Affected by | VCID-s94z-5sd6-33dk | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-27025.json | 38.0.0 |