FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

puppet -- Unsafe HTTP Redirect

Affected packages
puppet6 < 6.25.1
puppet7 < 7.12.1
puppetserver6 < 6.17.1
puppetserver7 < 7.4.2


VuXML ID 3bd3c9f8-41ee-11ec-9bac-589cfc007716
Discovery 2021-11-09
Entry 2021-11-10

Puppet reports:

A flaw was discovered in Puppet Agent and Puppet Server that may result in a leak of HTTP credentials when following HTTP redirects to a different host. This is similar to CVE-2018-1000007.


CVE Name CVE-2021-27023