| Severity |
|
| Remote |
|
| Type |
| - |
Unknown |
| + |
Information disclosure |
|
| Description |
| + |
A security issue was discovered in Puppet before version 7.12.1 that may result in a leak of HTTP credentials when following HTTP redirects to a different host. This is similar to CVE-2018-1000007. |
|
| References |
| + |
https://puppet.com/security/cve/CVE-2021-27023 |
| + |
https://puppet.com/docs/puppet/7/release_notes_puppet.html#release_notes_puppet_7-12-1 |
| + |
https://tickets.puppetlabs.com/browse/PUP-11188 |
| + |
https://github.com/puppetlabs/puppet/commit/9a8d3ef017cf63ce0f848ec64394f7bad287e825 |
|
| Notes |
|