FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

puppetdb -- Multiple vulnerabilities

Affected packages
puppetdb5 < 5.2.18


VuXML ID 10e3ed8a-db7f-11ea-8bdf-643150d3111d
Discovery 2020-07-23
Entry 2020-08-11

Puppetlabs reports:

In June 2020, jackson-databind published security updates addressing several CVEs. Previous releases of PuppetDB contain a vulnerable version of jackson.core:jackson-databind. PuppetDB 5.2.18 contains an updated version of jackson-databind that has patched the vulnerabilities.


CVE Name CVE-2020-14060
CVE Name CVE-2020-14061
CVE Name CVE-2020-14062
CVE Name CVE-2020-14195
CVE Name CVE-2020-9548