CVE-2023-2319
9.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
It was discovered that an update for PCS package in RHBA-2023:2151 erratum released as part of Red Hat Enterprise Linux 9.2 failed to include the fix for the Webpack issue CVE-2023-28154 (for PCS package), which was previously addressed in Red Hat Enterprise Linux 9.1 via erratum RHSA-2023:1591. The CVE-2023-2319 was assigned to that Red Hat specific security regression in Red Hat Enterprise Linux 9.2.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | pcs | Affects pcs v0.11.4-6.el9, Fixed in pcs v0.11.4-7.el9_2 | affected |
Weaknesses
- NA
ADP Enrichment
CVE Program Container
Additional References
- https://bugzilla.redhat.com/show_bug.cgi?id=2190092
- https://access.redhat.com/security/cve/CVE-2023-2319
- https://access.redhat.com/errata/RHSA-2023:2652
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: yes
- Technical Impact: total
References
- https://bugzilla.redhat.com/show_bug.cgi?id=2190092
- https://access.redhat.com/security/cve/CVE-2023-2319
- https://access.redhat.com/errata/RHSA-2023:2652
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.