Approved changes feed: RSS · Atom

cpe:2.3:a:n/a:continuous_delivery_for_puppet_enterprise_(cd4pe):*:*:*:*:*:*:*:*

part: a version: * update: *

VendorN/A (22f567d3-1203-528c-8f0e-3eb9c2f6ca78)
ProductContinuous Delivery For Puppet Enterprise (Cd4Pe) (ed33f9ce-94a5-5828-961b-c3fc12800f95)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2020-7945 vulnerable 2026-06-08 05:27:14.543368 Details available
Local registry credentials were included directly in the CD4PE deployment definition, which could expose these credentials to users who should not have access to them. This is resolved in Continuous Delivery for Puppet Enterprise 4.0.1.
Published: 2020-09-18T17:58:51.000Z
Updated: 2024-08-04T09:48:24.936Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2020-7944 vulnerable 2026-06-08 05:27:14.541998 Details available
In Continuous Delivery for Puppet Enterprise (CD4PE) before 3.4.0, changes to resources or classes containing Sensitive parameters can result in the Sensitive parameters ending up in the impact analysis report.
Published: 2020-03-26T14:16:44.000Z
Updated: 2024-08-04T09:48:24.523Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2019-10695 vulnerable 2026-06-08 05:12:24.915853 Details available
When using the cd4pe::root_configuration task to configure a Continuous Delivery for PE installation, the root user’s username and password were exposed in the job’s Job Details pane in the PE console. These issues have been resolved in version 1.2.1 of the puppetlabs/cd4pe module.
Published: 2019-12-11T23:04:57.000Z
Updated: 2024-08-04T22:32:01.196Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.