FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

puppet -- Unsafe HTTP Redirect

Affected packages
puppet6 < 6.25.1
puppet7 < 7.12.1
puppetserver6 < 6.17.1
puppetserver7 < 7.4.2

Details

VuXML ID 3bd3c9f8-41ee-11ec-9bac-589cfc007716
Discovery 2021-11-09
Entry 2021-11-10

Puppet reports:

A flaw was discovered in Puppet Agent and Puppet Server that may result in a leak of HTTP credentials when following HTTP redirects to a different host. This is similar to CVE-2018-1000007.

[source]

References

CVE Name CVE-2021-27023
URL https://puppet.com/security/cve/cve-2021-27023

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.