Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
rubygems puppet Security Advisories
Browse all Security Advisories for rubygems puppet
Moderate
Ecosystems: rubygems
Packages: puppet
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
GSA_kwCzR0hTQS05cHZ4LWZ3d2gtdzI4Oc4AATVb
Puppet does not properly restrict access to node resources
Moderate
Ecosystems: rubygems
Packages: puppet
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
GSA_kwCzR0hTQS1tcG14LWdtNXYtcTc4Oc4AATVg
Puppet uses predictable filenames, allowing arbitrary file overwrite
Moderate
Ecosystems: rubygems
Packages: puppet
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
GSA_kwCzR0hTQS04YzU2LXYyNXctZjg5Y84AATVI
Puppet arbitrary file overwrite
Moderate
Ecosystems: rubygems
Packages: puppet
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
GSA_kwCzR0hTQS1xaDNnLTI3amYtM2o1NM4AATVQ
Puppet allows local users to modify the permissions of arbitrary files
Moderate
Ecosystems: rubygems
Packages: puppet
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
GSA_kwCzR0hTQS1jNG1jLTQ5aHEtcTI3Nc4AATUu
Puppet uses predictable filenames, allowing arbitrary file overwrite
Low
Ecosystems: rubygems
Packages: puppet
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
GSA_kwCzR0hTQS12NTh3LTZ4YzItdzc5Oc4AATUx
Puppet Denial of Service and Arbitrary File Write
Moderate
Ecosystems: rubygems
Packages: puppet
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
GSA_kwCzR0hTQS02eHhxLWozOXctZzNmNs4AATUt
Puppet Arbitrary Command Execution
Moderate
Ecosystems: rubygems
Packages: puppet
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
GSA_kwCzR0hTQS03N2hnLWc4Y2MtNXIzN84AATUv
Puppet Privilege Escalation
Moderate
Ecosystems: rubygems
Packages: puppet
Source: GitHub Advisory Database
Blast Radius: 22.5
Published: over 2 years ago
GSA_kwCzR0hTQS12dzIyLTQ2NXAtOGo1d84AAR7S
Tarball permission preservation in puppet
Critical
Ecosystems: rubygems
Packages: puppet
Source: GitHub Advisory Database
Blast Radius: 40.1
Published: over 2 years ago
GSA_kwCzR0hTQS1wcWo1LTdyODYtNjRmds3svQ
Puppet Improper Access Control
Low
Ecosystems: rubygems
Packages: puppet
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
GSA_kwCzR0hTQS12cmg3LTk5amgtM2Ztbc3StQ
Puppet arbitrary files overwrite via a symlink attack
Moderate
Ecosystems: rubygems
Packages: puppet
Source: GitHub Advisory Database
Blast Radius: 26.6
Published: almost 3 years ago
GSA_kwCzR0hTQS1xNGc3LWpyeHYtNjdyOc0XeQ
Silent Configuration Failure in Puppet Agent
Moderate
Ecosystems: rubygems
Packages: puppet
Source: GitHub Advisory Database
Blast Radius: 26.6
Published: almost 3 years ago
GSA_kwCzR0hTQS05M2o1LWc4NDUtOXdxcM0XhQ
Unsafe HTTP Redirect in Puppet Agent and Puppet Server
Moderate
Ecosystems: rubygems
Packages: puppet
Source: GitHub Advisory Database
Blast Radius: 26.6
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWdxdmYtODkyci12am01
Improper Certificate Validation in Puppet
Low
Ecosystems: rubygems
Packages: puppet
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 7 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZ4ZjYtdzltcC05NWht
Puppet supports use of IP addresses in certnames without warning of potential risks
Low
Ecosystems: rubygems
Packages: puppet
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 7 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWM1cXEtZzY3My01cDQ5
Puppet allows local users to overwrite arbitrary files via a symlink attack
Low
Ecosystems: rubygems
Packages: puppet
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 7 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThqeGotOXI1Zi13M20y
Puppet allows local users to obtain sensitive configuration information
High
Ecosystems: rubygems
Packages: puppet
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 7 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTU3NHEtZnhmai13djZo
Puppet Improper Input Validation vulnerability
Moderate
Ecosystems: rubygems
Packages: puppet
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 7 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXE0NHItZjJobS12NzZ2
Puppet does not properly restrict characters in Common Name field of Certificate Signing Request
Low
Ecosystems: rubygems
Packages: puppet
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 7 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWc4OW0tM3dqdy1oODU3
Puppet vulnerable to Path Traversal
Moderate
Ecosystems: rubygems
Packages: puppet
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 7 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNqNDMtOWgzdy12OTc2
Puppet allows remote attackers to execute arbitrary Ruby programs from the master via the resource_type service
High
Ecosystems: rubygems
Packages: puppet
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 7 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWY3cDUtdzJjci03Y3A3
Puppet Improper Input Validation vulnerability
Moderate
Ecosystems: rubygems
Packages: mcollective-client, puppet, hiera, facter
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 7 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTkydjctcHE0aC01OGo1
facter, hiera, mcollective-client, and puppet affected by untrusted search path vulnerability
Statistics
Advisories: 20,668
Packages: 9,040
Repositories: 2
Ecosystems: 12