Headline
CVE-2023-1894: CVE-2023-1894 - Puppet Server ReDoS
A Regular Expression Denial of Service (ReDoS) issue was discovered in Puppet Server 7.9.2 certificate validation. An issue related to specifically crafted certificate names significantly slowed down server operations.
**CVSS 3 Base Score:
5.3
****Posted On:
May 2, 2023
****Assessed Risk Level:
Medium
**
A Regular Expression Denial of Service (ReDoS) issue was discovered in Puppet Server 7.9.2 certificate validation. An issue related to specifically crafted certificate names significantly slowed down server operations.
Status:
Affected software versions:
Puppet Enterprise 2021.7.1
Puppet Enterprise 2023.0
Puppet Server 7.9.2
Resolved in:
Puppet Enterprise 2021.7.3
Puppet Enterprise 2023.1
Puppet Server 7.11.0 and 8.0.0
← Back to CVE Listings