CVE-2020-7944

Summary

In Continuous Delivery for Puppet Enterprise (CD4PE) before 3.4.0, changes to resources or classes containing Sensitive parameters can result in the Sensitive parameters ending up in the impact analysis report.

Affected Software

VendorProductVersion RangeStatus
n/aContinuous Delivery for Puppet Enterprise (CD4PE)CD4PE prior to 3.4.0affected

Weaknesses

  • Insertion of Sensitive Information into Externally-Accessible File or Directory

ADP Enrichment

CVE Program Container

Additional References

References