CVSS 3 Base Score: Posted On: November 6, 2018Assessed Risk Level: MediumIn August 2018, the rubyzip project released a fix for a vulnerability announced in June 2018. Puppet Enterprise 2018.1.5 and 2019.0.1 ship with an updated version of rubyzip that has addressed this vulnerability.For more information about this vulnerability refer to the Red Hat CVE(https://bugzilla.redhat.com/show_bug.cgi?id=1593001)Status:Affected software versions:Puppet Enterprise versions prior to 2019.0.1Puppet Enterprise versions prior to 2018.1.5Resolved in:Puppet Enterprise 2019.0.1Puppet Enterprise 2018.1.5← Back to CVE Listings