Lucene search
PuppetCVELIST:CVE-2023-1894HistoryMay 04, 2023 - 10:13 p.m.
CVE-2023-1894
2023-05-0422:13:02
puppet
www.cve.org
regular expression dos
puppet server
certificate validation
security issue
A Regular Expression Denial of Service (ReDoS) issue was discovered in Puppet Server 7.9.2 certificate validation. An issue related to specifically crafted certificate names significantly slowed down server operations.
CNA Affected
[
{
"vendor": "Puppet",
"product": "Puppet Enterprise",
"versions": [
{
"version": "2021.7.1",
"status": "affected",
"lessThan": "2021.7.3",
"versionType": "semver"
},
{
"version": "2023.0.0",
"status": "affected",
"lessThan": "2023.1.0",
"versionType": "semver"
}
],
"defaultStatus": "unaffected"
},
{
"vendor": "Puppet",
"product": "Puppet Server",
"versions": [
{
"version": "7.9.2",
"status": "affected",
"lessThan": "7.11.0",
"versionType": "semver"
},
{
"version": "7.9.2",
"status": "affected",
"lessThan": "8.0.0",
"versionType": "semver"
}
],
"defaultStatus": "unaffected"
}
]Related
redhatcve
redhatcve
CVE-2023-1894
2023-05-04 10:21:22
cve
cve
CVE-2023-1894
2023-05-04 23:15:08
nessus
nessus
Puppet Enterprise 2021.7.1 / 2023.0 DoS
2023-11-01 00:00:00
Rocky Linux 8 : Satellite 6.14 (RLSA-2023:6818)
2023-11-11 00:00:00
RHEL 8 : Satellite 6.14 (RHSA-2023:6818)
2024-04-29 00:00:00
osv
osv
CVE-2023-1894
2023-05-04 23:15:08
nvd
nvd
CVE-2023-1894
2023-05-04 23:15:08
prion
prion
Input validation
2023-05-04 23:15:00
debiancve
debiancve
CVE-2023-1894
2023-05-04 23:15:08
ubuntucve
ubuntucve
CVE-2023-1894
2023-05-04 00:00:00
redhat
redhat
(RHSA-2023:6818) Important: Satellite 6.14 security and bug fix update
2023-11-08 14:10:25
rocky
rocky
Satellite 6.14 security and bug fix update
2023-11-11 22:58:57