Puppet Puppetlabs-mysql — known CVE vulnerabilities
Every CVE whose affected-product data names Puppet Puppetlabs-mysql, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2015-7224 — CVSS 9.8 (critical): puppetlabs-mysql 3.1.0 through 3.6.0 allow remote attackers to bypass authentication by leveraging creation of a database account without a…
CVE-2022-3275 — CVSS 8.4 (high): Command injection is possible in the puppetlabs-apt module prior to version 9.0.0. A malicious actor is able to exploit this vulnerability…
CVE-2022-3276 — CVSS 8.4 (high): Command injection is possible in the puppetlabs-mysql module prior to version 13.0.0. A malicious actor is able to exploit this…