CVSS 3 Base Score: Posted On: November 6, 2019Assessed Risk Level: MediumOn September 11, 2019, curl published security updates addressing CVE-2019-5481 and CVE-2019-5481. Previous releases of Puppet Enterprise contain a vulnerable version of curl. Puppet Enterprise 2019.1.3 and 2018.1.11 contain an updated version of curl that has patched the vulnerabilities.For more information about these vulnerabilities, refer to the security announcements for CVE-2019-5481 and CVE-2019-5482.Status:Affected software versions:Puppet Agent 5 versions prior to 5.5.17Puppet Agent 6 versions prior to 6.4.4Puppet Enterprise 2019.1 versions prior to 2019.1.3Puppet Enterprise 2018.1 versions prior to 2018.1.11PE Client Tools 18.1 versions prior to 18.1.12PE Client Tools 19.1 versions prior to 19.1.5PDK versions prior to 1.14.0.0Resolved in:Puppet Agent 5.5.17Puppet Agent 6.4.4Puppet Enterprise 2019.1.3Puppet Enterprise 2018.1.11PE Client Tools 18.1.12PE Client Tools 19.1.5PDK 1.14.0.0← Back to CVE Listings