CVSS 3 Base Score: Posted On: July 8, 2019Assessed Risk Level: High On July 2nd 2019, RedHat published security updates addressing several CVEs in libssh2. Previous releases of Puppet Enterprise contain a vulnerable version of libssh2. Puppet Enterprise 2019.1.1, 2019.0.4, and 2018.1.9 contain an updated version of libssh2 that has patched the vulnerabilities. For more information about these vulnerabilities, refer to the [RedHat security announcement](https://lwn.net/Articles/792554/). Status:Affected software versions:- Puppet Enterprise versions prior to 2019.1.1 - Puppet Enterprise versions prior to 2019.0.4 - Puppet Enterprise versions prior to 2018.1.9Resolved in:- Puppet Enterprise 2019.1.1 - Puppet Enterprise 2019.0.4 - Puppet Enterprise 2018.1.9← Back to CVE Listings