Lucene search
Redhat.comRH:CVE-2023-1894HistoryMay 04, 2023 - 10:21 a.m.
CVE-2023-1894
2023-05-0410:21:22
redhat.com
access.redhat.com
12
cve-2023-1894
regular expression denial of service
puppet server
certificate validation
server operations
5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
0.0005 Low
EPSS
Percentile
18.2%
A Regular expression Denial of Service (ReDoS) issue was found in the Puppet Server 7.9.2 certificate validation. An issue related to specifically crafted certificate names significantly slowed down server operations.
Related
cve
cve
CVE-2023-1894
2023-05-04 23:15:08
nessus
nessus
Puppet Enterprise 2021.7.1 / 2023.0 DoS
2023-11-01 00:00:00
Rocky Linux 8 : Satellite 6.14 (RLSA-2023:6818)
2023-11-11 00:00:00
RHEL 8 : Satellite 6.14 (RHSA-2023:6818)
2024-04-29 00:00:00
prion
prion
Input validation
2023-05-04 23:15:00
debiancve
debiancve
CVE-2023-1894
2023-05-04 23:15:08
osv
osv
CVE-2023-1894
2023-05-04 23:15:08
cvelist
cvelist
CVE-2023-1894
2023-05-04 22:13:02
nvd
nvd
CVE-2023-1894
2023-05-04 23:15:08
ubuntucve
ubuntucve
CVE-2023-1894
2023-05-04 00:00:00
redhat
redhat
(RHSA-2023:6818) Important: Satellite 6.14 security and bug fix update
2023-11-08 14:10:25
rocky
rocky
Satellite 6.14 security and bug fix update
2023-11-11 22:58:57
5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
0.0005 Low
EPSS
Percentile
18.2%
Related for RH:CVE-2023-1894