Puppet Marionette_collective
2 CVEs affecting Puppet Marionette_collective. Latest disclosed: 2017-02-13. Critical: 1, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2016-2788 | Critical | 9.8 | 2017-02-13 | MCollective 2.7.0 and 2.8.x before 2.8.9, as used in Puppet Enterprise, allows remote attackers to execute arbitrary code via vectors related to the mco ping c… |
CVE-2014-3248 | | 2014-11-16 | Untrusted search path vulnerability in Puppet Enterprise 2.8 before 2.8.7, Puppet before 2.7.26 and 3.x before 3.6.2, Facter 1.6.x and 2.x before 2.0.2, Hiera… |