|Improper Link Resolution Before File Access ('Link Following')|
|Improper Input Validation|
|Vulnerability|Severity Score|Release Date|Summary|
|---|---|---|---|
|CVE-2013-2716|5.0|April 10, 2013|Puppet Labs Puppet Enterprise before 2.8.0 does not use a "randomized secret" in the CAS client config file (cas_client_config.yml) when upgrading from older 1.2.x or 2.0.x versions, which allows remote attackers to obtain console access via a crafted cookie.|
|CVE-2013-3567|7.5|Aug. 19, 2013|Puppet 2.7.x before 2.7.22 and 3.2.x before 3.2.2, and Puppet Enterprise before 2.8.2, deserializes untrusted YAML, which allows remote attackers to instantiate arbitrary Ruby classes and execute arbitrary code via a crafted REST API call.|
|CVE-2013-4969|2.1|Jan. 7, 2014|Puppet before 3.3.3 and 3.4 before 3.4.1 and Puppet Enterprise (PE) before 2.8.4 and 3.1 before 3.1.1 allows local users to overwrite arbitrary files via a symlink attack on unspecified files.|