CVE-2021-27023

A flaw was discovered in Puppet Agent and Puppet Server that may result in a leak of HTTP credentials when following HTTP redirects to a different host. This is similar to CVE-2018-1000007
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:puppet:puppet_agent:*:*:*:*:*:*:*:*
cpe:2.3:a:puppet:puppet_agent:*:*:*:*:*:*:*:*
cpe:2.3:a:puppet:puppet_enterprise:*:*:*:*:*:*:*:*
cpe:2.3:a:puppet:puppet_enterprise:*:*:*:*:*:*:*:*
cpe:2.3:a:puppet:puppet_server:*:*:*:*:*:*:*:*
cpe:2.3:a:puppet:puppet_server:*:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*

History

07 Nov 2023, 03:31

Type Values Removed Values Added
References
  • {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/62SELE7EKVKZL4GABFMVYMIIUZ7FPEF7/', 'name': 'FEDORA-2021-1c0e788093', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'FEDORA'}
  • () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/62SELE7EKVKZL4GABFMVYMIIUZ7FPEF7/ -

Information

Published : 2021-11-18 15:15

Updated : 2024-02-28 18:48


NVD link : CVE-2021-27023

Mitre link : CVE-2021-27023

CVE.ORG link : CVE-2021-27023


JSON object : View

Products Affected

fedoraproject

  • fedora

puppet

  • puppet_enterprise
  • puppet_server
  • puppet_agent