Puppet: 7.35.0 → 2019.8.7
Puppet · upgrade impact · Official site ↗
Fixed by upgrading to 2019.8.7 iVulnerabilities that affect 7.35.0 but no longer affect 2019.8.7 — the security gain from this upgrade, by exploited status then exploitation probability.
Exploited first, then by exploitation probability (EPSS).
CVE-2021-27021 HIGH EPSS 1% ✓ cleared in 2019.8.7 CVE-2017-10690 MEDIUM EPSS 1% ✓ cleared in 2019.8.7 CVE-2017-10689 MEDIUM EPSS 0% ✓ cleared in 2019.8.7Still open in 2019.8.7 iKnown vulnerabilities that affect 2019.8.7 too — upgrading to it does not clear these.
These affect 2019.8.7 as well — a later release may be needed.
CVE-2021-27025 MEDIUM EPSS 1% → fixed in 2021.4.0 CVE-2021-27022 MEDIUM EPSS 1% → fixed in 2021.3.0 CVE-2021-27026 MEDIUM EPSS 0% → fixed in 2021.4.0