### [CVE-2021-27017](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27017)
![](https://img.shields.io/static/v1?label=Product&message=Puppet%20Agent&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=0.0.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=blue)

### Description

Utilization of a module presented a security risk by allowing the deserialization of untrusted/user supplied data. This is resolved in the Puppet Agent 7.4.0 release.

### POC

#### Reference
- https://www.puppet.com/security/cve/cve-2021-27017-deserialization-untrusted-data

#### Github
No PoCs found on GitHub currently.