Skip to main content

Puppetlabs Mysql

3 CVEs product

Monthly

CVE-2022-3276 HIGH This Week

Command injection is possible in the puppetlabs-mysql module prior to version 13.0.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Puppetlabs Mysql
NVD
CVSS 3.1
8.8
EPSS
1.6%
CVE-2022-3275 CRITICAL Act Now

Command injection is possible in the puppetlabs-apt module prior to version 9.0.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection Puppetlabs Mysql Fedora
NVD
CVSS 3.1
9.8
EPSS
2.1%
CVE-2015-7224 CRITICAL Act Now

puppetlabs-mysql 3.1.0 through 3.6.0 allow remote attackers to bypass authentication by leveraging creation of a database account without a password when a 'mysql_user' user parameter contains a host. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Puppetlabs Mysql
NVD
CVSS 3.0
9.8
EPSS
0.5%
EPSS 2% CVSS 8.8
HIGH This Week

Command injection is possible in the puppetlabs-mysql module prior to version 13.0.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Puppetlabs Mysql
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

Command injection is possible in the puppetlabs-apt module prior to version 9.0.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection Puppetlabs Mysql Fedora
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

puppetlabs-mysql 3.1.0 through 3.6.0 allow remote attackers to bypass authentication by leveraging creation of a database account without a password when a 'mysql_user' user parameter contains a host. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Puppetlabs Mysql
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy