Vulnerability Details CVE-2023-1894
A Regular Expression Denial of Service (ReDoS) issue was discovered in Puppet Server 7.9.2 certificate validation. An issue related to specifically crafted certificate names significantly slowed down server operations.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 13.6%
CVSS Severity
CVSS v3 Score 5.3
References
Products affected by CVE-2023-1894
-
cpe:2.3:a:puppet:puppet_enterprise:2021.7.1
-
cpe:2.3:a:puppet:puppet_enterprise:2023.0
-
cpe:2.3:a:puppet:puppet_server:7.9.2