Candidate: CVE-2015-1426
PublicDate: 2015-02-23 17:59:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1426
 http://puppetlabs.com/security/cve/cve-2015-1426
Description:
 Puppet Labs Facter 1.6.0 through 2.4.0 allows local users to obtains
 sensitive Amazon EC2 IAM instance metadata by reading a fact for an Amazon
 EC2 node.
Ubuntu-Description:
Notes:
Bugs:
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=778265
 https://tickets.puppetlabs.com/browse/FACT-800
Priority: low
Discovered-by:
Assigned-to:
CVSS: 

Patches_facter:
 upstream: https://github.com/puppetlabs/facter/commit/e546bc546e7fb23ad6b68fcf2059452df4d320dd
upstream_facter: released (2.4.1)
lucid_facter: ignored (reached end-of-life)
precise_facter: ignored (reached end-of-life)
precise/esm_facter: DNE (precise was needed)
trusty_facter: ignored (out of standard support)
trusty/esm_facter: needed
utopic_facter: ignored (reached end-of-life)
vivid_facter: ignored (reached end-of-life)
vivid/stable-phone-overlay_facter: DNE
vivid/ubuntu-core_facter: DNE
wily_facter: ignored (reached end-of-life)
xenial_facter: not-affected (2.4.4-1)
yakkety_facter: ignored (reached end-of-life)
zesty_facter: ignored (reached end-of-life)
artful_facter: ignored (reached end-of-life)
bionic_facter: not-affected (2.4.4-1)
cosmic_facter: not-affected (2.4.4-1)
disco_facter: not-affected (2.4.4-1)
eoan_facter: not-affected (2.4.4-1)
focal_facter: not-affected (2.4.4-1)
groovy_facter: not-affected (2.4.4-1)
hirsute_facter: not-affected (2.4.4-1)
impish_facter: not-affected (2.4.4-1)
jammy_facter: not-affected (2.4.4-1)
devel_facter: not-affected (2.4.4-1)