CVSS 3 Base Score: Posted On: April 30, 2020Assessed Risk Level: HighOn April 21, 2020, OpenSSL published security updates addressing CVE-2020-1967. Previous releases of Puppet Agent and Bolt contain a vulnerable version of OpenSSL. Puppet Agent 5.5.20 and 6.15.0, Puppet Enterprise 2018.1.15 and 2019.7.0, and Bolt 2.4.0 contain an updated version of OpenSSL that has patched the vulnerability.For more information about this vulnerability, refer to the OpenSSL security announcement for CVE-2020-1967.Status:Affected software versions:Puppet Agent 5 versions prior to 5.5.20Puppet Agent 6 versions prior to 6.15.0Puppet Enterprise prior to 2018.1.15Puppet Enterprise prior to 2019.7.0Bolt versions prior to 2.4.0Resolved in:Puppet Agent 5.5.20Puppet Agent 6.15.0Puppet Enterprise 2018.1.15Puppet Enterprise 2019.7.0Bolt 2.4.0← Back to CVE Listings