CVE-2020-7945

Local registry credentials were included directly in the CD4PE deployment definition, which could expose these credentials to users who should not have access to them. This is resolved in Continuous Delivery for Puppet Enterprise 4.0.1.
References
Link Resource
https://puppet.com/security/cve/CVE-2020-7945 Vendor Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:puppet:continuous_delivery:4.0.0:*:*:*:puppet_enterprise:*:*:*

History

No history.

Information

Published : 2020-09-18 18:15

Updated : 2024-02-28 18:08


NVD link : CVE-2020-7945

Mitre link : CVE-2020-7945

CVE.ORG link : CVE-2020-7945


JSON object : View

Products Affected

puppet

  • continuous_delivery
CWE
CWE-522

Insufficiently Protected Credentials