CVE-2023-0475 — Vulnetix

CVE-2023-0475 PUBLISHED

Es existiert eine Schwachstelle in Red Hat OpenShift. Diese ist auf einen Fehler in der Komponente "go-getter" zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuführen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich.

EPSS 0.15% · 35.2th percentile

Risk Scores

EPSS Score

0.15%

35.2th percentile

Affected Products

Vendor	Product	Versions
Red Hat	Red Hat OpenShift Container Platform < 4.14.0
Red Hat	Red Hat OpenShift
Red Hat	Red Hat OpenShift Container Platform 4.13
Red Hat	Red Hat Enterprise Linux
Red Hat	Red Hat OpenShift Container Platform 4.12
Oracle	Oracle Linux

Exploit Intelligence

https://discuss.hashicorp.com/t/hcsec-2023-4-go-getter-vulnerable-to-denial-of-service-via-malicious-compressed-archive/50125 (circl)

Timeline

Feb 16, 2023 CVE Published
Feb 17, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Mar 29, 2023 EPSS Score
May 7, 2023 EPSS Score
Jun 16, 2023 EPSS Score
Jul 25, 2023 EPSS Score
Sep 3, 2023 EPSS Score
Oct 13, 2023 EPSS Score
Nov 21, 2023 EPSS Score
Dec 31, 2023 EPSS Score
Feb 8, 2024 EPSS Score

References

https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-1194.json advisory
https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1194 advisory
https://access.redhat.com/errata/RHSA-2023:2029 advisory
https://access.redhat.com/errata/RHSA-2023:1326 advisory
https://access.redhat.com/errata/RHSA-2023:3450 advisory
https://access.redhat.com/errata/RHSA-2023:3455 advisory
https://access.redhat.com/errata/RHSA-2023:3537 advisory
https://access.redhat.com/errata/RHSA-2023:4025 advisory
https://access.redhat.com/errata/RHSA-2023:4226 advisory
https://access.redhat.com/errata/RHSA-2023:4488 advisory
https://access.redhat.com/errata/RHSA-2023:4671 advisory
https://access.redhat.com/errata/RHSA-2023:5314 advisory
https://access.redhat.com/errata/RHSA-2023:6817 advisory
https://linux.oracle.com/errata/ELSA-2023-6939.html advisory
https://access.redhat.com/errata/RHSA-2023:5006 advisory

Open in Interactive Console →