CVE-2021-27021

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2021-27021
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-27021.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2021-27021
Downstream
Published
2021-07-20T11:15:11.630Z
Modified
2025-12-06T00:05:22.135465Z
Severity
  • 8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

A flaw was discovered in Puppet DB, this flaw results in an escalation of privileges which allows the user to delete tables via an SQL query.

References

Affected packages

Git

github.com/puppetlabs/puppet

Affected ranges

Type
GIT
Repo
https://github.com/puppetlabs/puppet
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
39461d5c51a78fb9531fa307630826620cbfbaaa

Affected versions

0.*

0.24.0
0.24.1
0.24.2
0.24.3
0.24.4
0.24.5
0.24.6
0.24.7
0.24.7rc1
0.24.8rc1
0.25.0
0.25.0beta1
0.25.0beta2
0.25.0rc1
0.25.1
0.25.1rc1
0.25.1rc2
0.25.2
0.25.2rc1
0.25.2rc2
0.25.2rc3
0.25.3
0.25.4
0.25.4rc1
0.25.4rc2
0.25.4rc3
0.25.5
0.25.5rc1
0.25.5rc2
0.25.5rc3

1.*

1.5.2

2.*

2.6.0
2.6.0rc1
2.6.0rc2
2.6.0rc3
2.6.0rc4
2.6.1
2.6.10
2.6.11
2.6.12
2.6.13
2.6.13rc1
2.6.14
2.6.15
2.6.16
2.6.1rc1
2.6.1rc2
2.6.1rc3
2.6.1rc4
2.6.2
2.6.2rc1
2.6.3
2.6.3rc1
2.6.3rc2
2.6.3rc3
2.6.4
2.6.5
2.6.5rc1
2.6.5rc2
2.6.5rc3
2.6.5rc4
2.6.5rc5
2.6.6
2.6.6rc1
2.6.7
2.6.7rc1
2.6.8
2.6.8rc1
2.6.9
2.6.9rc1
2.7.0
2.7.0rc1
2.7.0rc2
2.7.0rc3
2.7.0rc4
2.7.1
2.7.10
2.7.10rc1
2.7.11-1
2.7.12
2.7.12rc1
2.7.12rc2
2.7.13
2.7.14
2.7.14rc1
2.7.14rc2
2.7.14rc3
2.7.15rc1
2.7.15rc2
2.7.15rc3
2.7.15rc4
2.7.16
2.7.16rc1
2.7.17
2.7.18
2.7.19
2.7.19rc1
2.7.19rc2
2.7.19rc3
2.7.20
2.7.20-rc1
2.7.21
2.7.22
2.7.23
2.7.2rc1
2.7.2rc2
2.7.2rc3
2.7.3
2.7.3.rc1
2.7.3rc1
2.7.4
2.7.4rc1
2.7.4rc2
2.7.4rc3
2.7.5
2.7.6
2.7.6rc1
2.7.6rc2
2.7.6rc3
2.7.7
2.7.7rc1
2.7.8
2.7.8rc1
2.7.8rc2
2.7.9

3.*

3.0.0
3.0.0-rc4
3.0.0-rc5
3.0.0-rc6
3.0.0-rc7
3.0.0-rc8
3.0.0rc1
3.0.0rc2
3.0.0rc3
3.0.1
3.0.1-rc1
3.0.2
3.0.2-rc1
3.0.2-rc2
3.0.2-rc3
3.1.0
3.1.0-rc1
3.1.0-rc2
3.1.1
3.2.0
3.2.0-rc1
3.2.0-rc2
3.2.1
3.2.1-rc1
3.2.2
3.2.3
3.2.3-rc1
3.2.4
3.3.0
3.3.0-rc1
3.3.0-rc2
3.3.0-rc3
3.3.1
3.3.1-rc1
3.3.1-rc2
3.3.1-rc3
3.3.2
3.4.0
3.4.0-rc1
3.4.0-rc2
3.4.1
3.4.2
3.4.3
3.5.0
3.5.0-rc1
3.5.0-rc2
3.5.0-rc3
3.5.1
3.5.1-rc1
3.6.0
3.6.0-rc1
3.6.1
3.6.2
3.7.0
3.7.1
3.7.2
3.7.3
3.7.4
3.7.5
3.8.0
3.8.1
3.8.2
3.8.3
3.8.4
3.8.5
3.8.6
3.8.7

4.*

4.0.0
4.0.0-rc1
4.0.0-rc2
4.0.0-rc3
4.1.0
4.10.0
4.10.1
4.10.10
4.10.11
4.10.12
4.10.13
4.10.2
4.10.3
4.10.4
4.10.5
4.10.6
4.10.7
4.10.8
4.10.9
4.2.0
4.2.1
4.2.2
4.2.3
4.3.0
4.3.1
4.3.2
4.4.0
4.4.1
4.4.2
4.5.0
4.5.1
4.5.2
4.5.3
4.6.0
4.6.1
4.6.2
4.7.0
4.7.1
4.8.0
4.8.1
4.8.2
4.9.0
4.9.2
4.9.3
4.9.4

5.*

5.0.0
5.0.1
5.1.0
5.2.0
5.3.0
5.3.1
5.3.2
5.3.3
5.3.4
5.3.5
5.3.6
5.3.7
5.5.0
5.5.1
5.5.11
5.5.12
5.5.13
5.5.14
5.5.15
5.5.16
5.5.17
5.5.18
5.5.19
5.5.2
5.5.20
5.5.21
5.5.22
5.5.3
5.5.6
5.5.7
5.5.8
5.5.9

6.*

6.0.0
6.0.1
6.0.10
6.0.2
6.0.3
6.0.4
6.0.5
6.0.7
6.0.8
6.0.9
6.1.0
6.10.0
6.10.1
6.11.0
6.11.1
6.12.0
6.13.0
6.14.0
6.15.0
6.16.0
6.17.0
6.18.0
6.19.0
6.19.1
6.2.0
6.20.0
6.21.0
6.21.1
6.22.0
6.22.1
6.3.0
6.4.0
6.4.1
6.4.2
6.4.3
6.4.4
6.4.5
6.5.0
6.6.0
6.7.0
6.7.1
6.7.2
6.8.0
6.9.0

debian/0.*

debian/0.25.1

puppet-0.*

puppet-0.24.5-rc3

tags/2.*

tags/2.6.0rc1
tags/2.6.0rc2
tags/2.6.0rc3

upstream/0.*

upstream/0.25.0

github.com/puppetlabs/puppet-agent

Affected ranges

Type
GIT
Repo
https://github.com/puppetlabs/puppet-agent
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
3706608c3e9acc1f41ea87128343b3f4c705f3c0

Affected versions

0.*

0.1.3
0.2.0
0.2.1
0.2.2
0.2.3
0.2.4
0.3.0
0.3.1
0.3.2
0.9.0
0.9.1

1.*

1.0.0
1.0.1
1.1.0
1.1.1
1.10.0
1.10.1
1.10.10
1.10.11
1.10.12
1.10.13
1.10.14
1.10.15
1.10.2
1.10.3
1.10.4
1.10.5
1.10.6
1.10.7
1.10.8
1.10.9
1.2.0
1.2.1
1.2.2
1.2.3
1.2.4
1.2.5
1.2.6
1.2.7
1.3.0
1.3.1
1.3.2
1.3.3
1.3.4
1.3.5
1.3.6
1.4.0
1.4.1
1.4.2
1.5.0
1.5.1
1.5.2
1.5.3
1.6.0
1.6.1
1.6.2
1.7.0
1.7.1
1.7.2
1.8.0
1.8.1
1.8.2
1.8.3
1.9.0
1.9.1
1.9.2
1.9.3

4.*

4.99.0

5.*

5.0.0
5.0.1
5.1.0
5.2.0
5.3.0
5.3.1
5.3.2
5.3.3
5.3.4
5.3.5
5.3.6
5.3.7
5.3.8
5.4.0
5.5.0
5.5.1
5.5.10
5.5.11
5.5.12
5.5.13
5.5.14
5.5.15
5.5.16
5.5.17
5.5.18
5.5.19
5.5.2
5.5.20
5.5.21
5.5.22
5.5.3
5.5.4
5.5.6
5.5.7
5.5.8
5.5.9
5.99.0
5.99.1
5.99.2

6.*

6.0.0
6.0.1
6.0.10
6.0.2
6.0.3
6.0.4
6.0.5
6.0.7
6.0.8
6.0.9
6.1.0
6.10.0
6.10.1
6.11.0
6.11.1
6.12.0
6.13.0
6.14.0
6.15.0
6.16.0
6.17.0
6.18.0
6.19.0
6.19.1
6.2.0
6.20.0
6.21.0
6.21.1
6.22.0
6.22.1
6.3.0
6.4.0
6.4.1
6.4.2
6.4.3
6.4.4
6.4.5
6.5.0
6.6.0
6.7.0
6.7.1
6.7.2
6.8.0
6.8.1
6.9.0

github.com/puppetlabs/puppetdb

Affected ranges

Type
GIT
Repo
https://github.com/puppetlabs/puppetdb
Events
Introduced
8d821e626fd81152e0e2d7814e65f4bdeb55db31
Fixed
d207819ca371523fad7aa0ae33cceb0fd816cd29

Affected versions

6.*

6.19.0
6.19.1

7.*

7.7.0
7.7.1