Filtered by vendor Puppet
Subscriptions
Filtered by product Mcollective-sshkey-security
Subscriptions
Total
1 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-2298 | 1 Puppet | 1 Mcollective-sshkey-security | 2024-11-21 | 6.5 Medium |
| The mcollective-sshkey-security plugin before 0.5.1 for Puppet uses a server-specified identifier as part of a path where a file is written. A compromised server could use this to write a file to an arbitrary location on the client with the filename appended with the string "_pub.pem". | ||||
Page 1 of 1.