CVE-2013-4956 (Puppet Module Permissions Vulnerability)
Posted August 15, 2013
Assessed Risk Level: Low
Puppet Module Tool (PMT) did not correctly control permissions of modules it installed, instead transferring permissions that existed when the module was built.
- Resolved in Puppet 2.7.23 and 3.2.4
- Resolved in Puppet Enterprise 2.8.3 and 3.0.1