CVSS 3 Base Score: Posted On: April 30, 2019Assessed Risk Level: High On March 5, 2019 RubyGems announced several vulnerabilities. Previous versions of Puppet Agent, PDK and Puppet Enterprise shipped with a vulnerable version of RubyGems. For more information about this vulnerability, refer to RubyGems’s release announcement page (). Status:Affected software versions:Puppet Agent versions prior to 5.5.14Puppet Agent versions prior to 6.0.9Puppet Agent versions prior to 6.4.2PDK versions prior to 1.10.0.0Puppet Enterprise versions prior to 2016.4.11Puppet Enterprise versions prior to 2017.3.6Resolved in:Puppet Agent 5.5.14Puppet Agent 6.0.9Puppet Agent 6.4.2PDK 1.10.0.0Puppet Enterprise 2019.0.3Puppet Enterprise 2018.1.8← Back to CVE Listings