Puppet puppetlabs-apache 1.11.0 for Puppet
Approved changes feed: RSS · Atom
cpe:2.3:a:puppet:puppetlabs-apache:1.11.0:*:*:*:*:puppet:*:*
part: a version: 1.11.0 update: *
| Vendor | Puppet (056a1ba3-12b3-5ecf-a97f-ab3b403c7816) |
|---|---|
| Product | Puppetlabs Apache (d19c2c77-e10a-5e74-bc15-8e8a61ac827d) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | puppet |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:deb/debian/puppet-module-puppetlabs-apache |
purl2cpe | 2026-06-01 10:14:37.382565 |
pkg:deb/ubuntu/puppet-module-puppetlabs-apache |
purl2cpe | 2026-06-01 10:14:37.382567 |
pkg:github/puppetlabs/puppetlabs-apache |
purl2cpe | 2026-06-01 10:14:37.382568 |
pkg:gitlab/simp/puppetlabs-apache |
purl2cpe | 2026-06-01 10:14:37.382569 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2017-2299 |
vulnerable | 2026-06-03 14:37:07.239671 |
Details available
Versions of the puppetlabs-apache module prior to 1.11.1 and 2.1.0 make it very easy to accidentally misconfigure TLS trust. If you specify the `ssl_ca` parameter but do not specify the `ssl_certs_dir` parameter, a default will be provided for the `ssl_certs_dir` that will trust certificates from any of the system-trusted certificate authorities. This did not affect FreeBSD.
Published: 2017-09-15T18:00:00.000Z
Updated: 2024-09-16T18:59:14.375Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.