CVE-2018-6508

CVE: CVE-2018-6508
Published: 2018-02-09T20:29Z
Description Language: en
Description: Puppet Enterprise 2017.3.x prior to 2017.3.3 are vulnerable to a remote execution bug when a specially crafted string was passed into the facter_task or puppet_conf tasks. This vulnerability only affects tasks in the affected modules, if you are not using puppet tasks you are not affected by this vulnerability.
References:
http://www.securityfocus.com/bid/103020
https://puppet.com/security/cve/CVE-2018-6508