Launchpad.net

CVE 2015-1426

Puppet Labs Facter 1.6.0 through 2.4.0 allows local users to obtains sensitive Amazon EC2 IAM instance metadata by reading a fact for an Amazon EC2 node.

See the CVE page on Mitre.org for more details.

References