A Regular Expression Denial of Service (ReDoS) issue was discovered in Puppet Server 7.9.2 certificate validation. An issue related to specifically crafted certificate names significantly slowed down server operations.
References
Link | Resource |
---|---|
https://www.puppet.com/security/cve/cve-2023-1894-puppet-server-redos | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2023-05-04 23:15
Updated : 2024-02-28 20:13
NVD link : CVE-2023-1894
Mitre link : CVE-2023-1894
CVE.ORG link : CVE-2023-1894
JSON object : View
Products Affected
puppet
- puppet_enterprise
- puppet_server
CWE
CWE-1333
Inefficient Regular Expression Complexity