CVE-2018-11751

Source
https://nvd.nist.gov/vuln/detail/CVE-2018-11751
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-11751.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2018-11751
Related
Published
2019-12-16T22:15:11Z
Modified
2024-10-12T03:06:51.614673Z
Severity
  • 5.4 (Medium) CVSS_V3 - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L CVSS Calculator
Summary
[none]
Details

Previous versions of Puppet Agent didn't verify the peer in the SSL connection prior to downloading the CRL. This issue is resolved in Puppet Agent 6.4.0.

References

Affected packages

Git / github.com/puppetlabs/puppetserver

Affected ranges

Type
GIT
Repo
https://github.com/puppetlabs/puppetserver
Events

Affected versions

5.*

5.3.6
5.3.7
5.3.8

6.*

6.0.0
6.0.1
6.0.2
6.0.3
6.0.4
6.1.0
6.2.0
6.2.1
6.3.0