VDB

DEBIAN-CVE-2023-1894

DEBIAN-CVE-2023-1894 PUBLISHED CVSS 5.300000190734863 MEDIUM

A Regular Expression Denial of Service (ReDoS) issue was discovered in Puppet Server 7.9.2 certificate validation. An issue related to specifically crafted certificate names significantly slowed down server operations.

Risk Scores

CVSS 3.1
5.300000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Affected Products

VendorProductVersions
Debian:12puppetserver0, 0, 0
Debian:14puppetserver0, 0
Debian:13puppetserver0, 0, 0

Timeline

  • May 4, 2023 CVE Published
  • May 2, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›