Perforce Puppet Enterprise

3 CVEs affecting Perforce Puppet Enterprise. Latest disclosed: 2026-07-03. Critical: 0, High: 1.

Top CVEs affecting Perforce Puppet Enterprise
CVESeverityScorePublishedSummary
CVE-2025-5459High8.82025-06-26A user with specific node group editing permissions and a specially crafted class parameter could be used to execute commands as root on the primary host. It a…
CVE-2026-88042026-07-03Puppet resource_api (shipped in Puppet Core 8.x and Puppet Enterprise 2023.8.x and 2025.x) does not preserve the sensitive flag on parameters defined via the r…
CVE-2025-103602025-09-24In Puppet Enterprise versions 2025.4.0 and 2025.5, the encryption key used for encrypting content in the Infra Assistant database was not excluded from the fil…