FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

puppetdb -- Multiple vulnerabilities

Affected packages
puppetdb5 < 5.2.18

Details

VuXML ID 10e3ed8a-db7f-11ea-8bdf-643150d3111d
Discovery 2020-07-23
Entry 2020-08-11

Puppetlabs reports:

In June 2020, jackson-databind published security updates addressing several CVEs. Previous releases of PuppetDB contain a vulnerable version of jackson.core:jackson-databind. PuppetDB 5.2.18 contains an updated version of jackson-databind that has patched the vulnerabilities.

References

CVE Name CVE-2020-14060
CVE Name CVE-2020-14061
CVE Name CVE-2020-14062
CVE Name CVE-2020-14195
CVE Name CVE-2020-9548
URL https://puppet.com/security/cve/jackson-july-2020-security-fixes/