CVSS 3 Base Score: Posted On: December 15, 2020Assessed Risk Level: MediumOn December 8, 2020, OpenSSL published security updates addressing CVE-2020-1971. Previous releases of Puppet Agent and Bolt contain a vulnerable version of OpenSSL. Puppet Agent 7.1.0 and Bolt 2.38.0 contain an updated version of OpenSSL that has patched the vulnerability.For more information about this vulnerability, refer to the OpenSSL security announcement for CVE-2020-1971.Status:Affected software versions:Puppet Agent prior to 7.1.0Bolt versions prior to 2.38.0Resolved in:Puppet Agent 7.1.0Bolt 2.38.0← Back to CVE Listings