OpenCVE

Extremely large RSA keys in certificate chains can cause a client/server to expend significant CPU time verifying signatures. With fix, the size of RSA keys transmitted during handshakes is restricted to <= 8192 bits. Based on a survey of publicly trusted RSA keys, there are currently only three certificates in circulation with keys larger than this, and all three appear to be test certificates that are not actively deployed. It is possible there are larger keys in use in private PKIs, but we target the web PKI, so causing breakage here in the interests of increasing the default safety of users of crypto/tls seems reasonable.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact Low

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Golang	Go
Redhat	Ansible Automation Platform Cert Manager Cryostat Enterprise Linux Logging Migration Toolkit Applications Migration Toolkit Virtualization Network Observ Optr Openshift Openshift Api Data Protection Openshift Data Foundation Openshift Distributed Tracing Openshift Secondary Scheduler Openshift Serverless Openstack Rhmt Run Once Duration Override Operator Serverless Service Telemetry Framework

Configuration 1 [-]

OR	cpe:2.3:a:golang:go::::::::
	cpe:2.3:a:golang:go::::::::
	cpe:2.3:a:golang:go:1.21.0:rc1::::::
	cpe:2.3:a:golang:go:1.21.0:rc2::::::
	cpe:2.3:a:golang:go:1.21.0:rc3::::::

Package	CPE	Advisory	Released Date
CERT-MANAGER-1.11-RHEL-9
cert-manager/cert-manager-operator-rhel9:v1.11.5-5	cpe:/a:redhat:cert_manager:1.11::el9	RHSA-2023:6279	2023-11-15T00:00:00Z
Cryostat 2 on RHEL 8
cryostat-tech-preview/cryostat-rhel8-operator:2.3.1-11	cpe:/a:redhat:cryostat:2::el8	RHSA-2023:6031	2023-10-23T00:00:00Z
Migration Toolkit for Virtualization 2.4
migration-toolkit-virtualization/mtv-rhel8-operator:2.4.3-3	cpe:/a:redhat:migration_toolkit_virtualization:2.4::el8	RHBA-2023:6109	2023-10-25T00:00:00Z
MTA-6.2-RHEL-8
mta/mta-rhel8-operator:6.2.2-3	cpe:/a:redhat:migration_toolkit_applications:6.2::el8	RHSA-2024:1027	2024-02-28T00:00:00Z
MTA-6.2-RHEL-9
mta/mta-hub-rhel9:6.2.2-2	cpe:/a:redhat:migration_toolkit_applications:6.2::el9	RHSA-2024:1027	2024-02-28T00:00:00Z
mta/mta-operator-bundle:6.2.2-5	cpe:/a:redhat:migration_toolkit_applications:6.2::el9	RHSA-2024:1027	2024-02-28T00:00:00Z
mta/mta-pathfinder-rhel9:6.2.2-2	cpe:/a:redhat:migration_toolkit_applications:6.2::el9	RHSA-2024:1027	2024-02-28T00:00:00Z
mta/mta-ui-rhel9:6.2.2-2	cpe:/a:redhat:migration_toolkit_applications:6.2::el9	RHSA-2024:1027	2024-02-28T00:00:00Z
mta/mta-windup-addon-rhel9:6.2.2-3	cpe:/a:redhat:migration_toolkit_applications:6.2::el9	RHSA-2024:1027	2024-02-28T00:00:00Z
NETWORK-OBSERVABILITY-1.4.0-RHEL-9
network-observability/network-observability-rhel9-operator:v1.4.0-51	cpe:/a:redhat:network_observ_optr:1.4.0::el9	RHSA-2023:5974	2023-10-20T00:00:00Z
OADP-1.1-RHEL-8
oadp/oadp-velero-rhel8:1.1.7-6	cpe:/a:redhat:openshift_api_data_protection:1.1::el8	RHSA-2023:6115	2023-10-25T00:00:00Z
Openshift Serverless 1 on RHEL 8
openshift-serverless-clients-0:1.9.2-4.el8	cpe:/a:redhat:serverless:1.0::el8	RHSA-2023:6298	2023-11-03T00:00:00Z
OSSO-1.1-RHEL-8
openshift-secondary-scheduler-operator/secondary-scheduler-operator-rhel8:v1.1-37	cpe:/a:redhat:openshift_secondary_scheduler:1.1::el8	RHSA-2023:5933	2023-10-26T00:00:00Z
Red Hat Ansible Automation Platform 2.4 for RHEL 8
receptor-0:1.4.2-1.el8ap	cpe:/a:redhat:ansible_automation_platform:2.4::el8	RHSA-2023:5805	2023-10-17T00:00:00Z
Red Hat Ansible Automation Platform 2.4 for RHEL 9
receptor-0:1.4.2-1.el9ap	cpe:/a:redhat:ansible_automation_platform:2.4::el9	RHSA-2023:5805	2023-10-17T00:00:00Z
Red Hat Enterprise Linux 8
go-toolset:rhel8-8080020231013004859.6b4b45d8	cpe:/a:redhat:enterprise_linux:8	RHSA-2023:5721	2023-10-16T00:00:00Z
container-tools:4.0-8090020231207142256.d7b6f4b7	cpe:/a:redhat:enterprise_linux:8	RHSA-2024:0121	2024-01-10T00:00:00Z
container-tools:rhel8-8100020240227110532.82888897	cpe:/a:redhat:enterprise_linux:8	RHSA-2024:2988	2024-05-22T00:00:00Z
Red Hat Enterprise Linux 9
golang-0:1.19.13-1.el9_2	cpe:/a:redhat:enterprise_linux:9	RHSA-2023:5738	2023-10-16T00:00:00Z
skopeo-2:1.13.3-3.el9_3	cpe:/a:redhat:enterprise_linux:9	RHSA-2023:7762	2023-12-12T00:00:00Z
runc-4:1.1.9-2.el9_3	cpe:/a:redhat:enterprise_linux:9	RHSA-2023:7763	2023-12-12T00:00:00Z
buildah-1:1.31.3-2.el9_3	cpe:/a:redhat:enterprise_linux:9	RHSA-2023:7764	2023-12-12T00:00:00Z
podman-2:4.6.1-7.el9_3	cpe:/a:redhat:enterprise_linux:9	RHSA-2023:7765	2023-12-12T00:00:00Z
containernetworking-plugins-1:1.3.0-6.el9_3	cpe:/a:redhat:enterprise_linux:9	RHSA-2023:7766	2023-12-12T00:00:00Z
Red Hat Migration Toolkit for Containers 1.7
rhmtc/openshift-velero-plugin-rhel8:v1.7.14-3	cpe:/a:redhat:rhmt:1.7::el8	RHSA-2023:6161	2023-10-30T00:00:00Z
Red Hat OpenShift Container Platform 4.14
podman-3:4.4.1-10.1.rhaos4.14.el9	cpe:/a:redhat:openshift:4.14::el8	RHSA-2023:5009	2023-10-31T00:00:00Z
runc-4:1.1.9-2.1.rhaos4.14.el9	cpe:/a:redhat:openshift:4.14::el8	RHSA-2023:5009	2023-10-31T00:00:00Z
openshift-clients-0:4.14.0-202311031050.p0.g9b1e0d2.assembly.stream.el9	cpe:/a:redhat:openshift:4.14::el8	RHSA-2023:6840	2023-11-15T00:00:00Z
openshift-0:4.14.0-202401121302.p0.ge36e183.assembly.stream.el9	cpe:/a:redhat:openshift:4.14::el8	RHSA-2024:0293	2024-01-23T00:00:00Z
microshift-0:4.14.10-202401181720.p0.gd25a4c5.assembly.4.14.10.el9	cpe:/a:redhat:openshift:4.14::el9	RHSA-2024:0292	2024-01-23T00:00:00Z
Red Hat OpenShift distributed tracing 2
jaeger-agent-container	cpe:/a:redhat:openshift_distributed_tracing:2.9::el8	RHSA-2023:6085	2023-10-24T00:00:00Z
jaeger-all-in-one-container	cpe:/a:redhat:openshift_distributed_tracing:2.9::el8	RHSA-2023:6085	2023-10-24T00:00:00Z
jaeger-collector-container	cpe:/a:redhat:openshift_distributed_tracing:2.9::el8	RHSA-2023:6085	2023-10-24T00:00:00Z
jaeger-es-index-cleaner-container	cpe:/a:redhat:openshift_distributed_tracing:2.9::el8	RHSA-2023:6085	2023-10-24T00:00:00Z
jaeger-es-rollover-container	cpe:/a:redhat:openshift_distributed_tracing:2.9::el8	RHSA-2023:6085	2023-10-24T00:00:00Z
jaeger-ingester-container	cpe:/a:redhat:openshift_distributed_tracing:2.9::el8	RHSA-2023:6085	2023-10-24T00:00:00Z
jaeger-operator-bundle-container	cpe:/a:redhat:openshift_distributed_tracing:2.9::el8	RHSA-2023:6085	2023-10-24T00:00:00Z
jaeger-operator-container	cpe:/a:redhat:openshift_distributed_tracing:2.9::el8	RHSA-2023:6085	2023-10-24T00:00:00Z
jaeger-query-container	cpe:/a:redhat:openshift_distributed_tracing:2.9::el8	RHSA-2023:6085	2023-10-24T00:00:00Z
opentelemetry-collector-container	cpe:/a:redhat:openshift_distributed_tracing:2.9::el8	RHSA-2023:6085	2023-10-24T00:00:00Z
opentelemetry-operator-bundle-container	cpe:/a:redhat:openshift_distributed_tracing:2.9::el8	RHSA-2023:6085	2023-10-24T00:00:00Z
opentelemetry-operator-container	cpe:/a:redhat:openshift_distributed_tracing:2.9::el8	RHSA-2023:6085	2023-10-24T00:00:00Z
tempo-container	cpe:/a:redhat:openshift_distributed_tracing:2.9::el8	RHSA-2023:6085	2023-10-24T00:00:00Z
tempo-gateway-container	cpe:/a:redhat:openshift_distributed_tracing:2.9::el8	RHSA-2023:6085	2023-10-24T00:00:00Z
tempo-gateway-opa-container	cpe:/a:redhat:openshift_distributed_tracing:2.9::el8	RHSA-2023:6085	2023-10-24T00:00:00Z
tempo-operator-bundle-container	cpe:/a:redhat:openshift_distributed_tracing:2.9::el8	RHSA-2023:6085	2023-10-24T00:00:00Z
tempo-operator-container	cpe:/a:redhat:openshift_distributed_tracing:2.9::el8	RHSA-2023:6085	2023-10-24T00:00:00Z
tempo-query-container	cpe:/a:redhat:openshift_distributed_tracing:2.9::el8	RHSA-2023:6085	2023-10-24T00:00:00Z
Red Hat OpenShift Serverless 1.30
openshift-serverless-1/client-kn-rhel8:1.9.2-4	cpe:/a:redhat:openshift_serverless:1.30::el8	RHSA-2023:6296	2023-11-02T00:00:00Z
openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8:1.9.0-4	cpe:/a:redhat:openshift_serverless:1.30::el8	RHSA-2023:6296	2023-11-02T00:00:00Z
openshift-serverless-1/eventing-controller-rhel8:1.9.0-4	cpe:/a:redhat:openshift_serverless:1.30::el8	RHSA-2023:6296	2023-11-02T00:00:00Z
openshift-serverless-1/eventing-in-memory-channel-controller-rhel8:1.9.0-4	cpe:/a:redhat:openshift_serverless:1.30::el8	RHSA-2023:6296	2023-11-02T00:00:00Z
openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8:1.9.0-4	cpe:/a:redhat:openshift_serverless:1.30::el8	RHSA-2023:6296	2023-11-02T00:00:00Z
openshift-serverless-1/eventing-kafka-broker-controller-rhel8:1.9.0-9	cpe:/a:redhat:openshift_serverless:1.30::el8	RHSA-2023:6296	2023-11-02T00:00:00Z
openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8:1.9.0-9	cpe:/a:redhat:openshift_serverless:1.30::el8	RHSA-2023:6296	2023-11-02T00:00:00Z
openshift-serverless-1/eventing-kafka-broker-post-install-rhel8:1.9.0-9	cpe:/a:redhat:openshift_serverless:1.30::el8	RHSA-2023:6296	2023-11-02T00:00:00Z
openshift-serverless-1/eventing-kafka-broker-receiver-rhel8:1.9.0-9	cpe:/a:redhat:openshift_serverless:1.30::el8	RHSA-2023:6296	2023-11-02T00:00:00Z
openshift-serverless-1/eventing-kafka-broker-webhook-rhel8:1.9.0-9	cpe:/a:redhat:openshift_serverless:1.30::el8	RHSA-2023:6296	2023-11-02T00:00:00Z
openshift-serverless-1/eventing-mtbroker-filter-rhel8:1.9.0-4	cpe:/a:redhat:openshift_serverless:1.30::el8	RHSA-2023:6296	2023-11-02T00:00:00Z
openshift-serverless-1/eventing-mtbroker-ingress-rhel8:1.9.0-4	cpe:/a:redhat:openshift_serverless:1.30::el8	RHSA-2023:6296	2023-11-02T00:00:00Z
openshift-serverless-1/eventing-mtchannel-broker-rhel8:1.9.0-4	cpe:/a:redhat:openshift_serverless:1.30::el8	RHSA-2023:6296	2023-11-02T00:00:00Z
openshift-serverless-1/eventing-mtping-rhel8:1.9.0-4	cpe:/a:redhat:openshift_serverless:1.30::el8	RHSA-2023:6296	2023-11-02T00:00:00Z
openshift-serverless-1/eventing-storage-version-migration-rhel8:1.9.0-4	cpe:/a:redhat:openshift_serverless:1.30::el8	RHSA-2023:6296	2023-11-02T00:00:00Z
openshift-serverless-1/eventing-webhook-rhel8:1.9.0-4	cpe:/a:redhat:openshift_serverless:1.30::el8	RHSA-2023:6296	2023-11-02T00:00:00Z
openshift-serverless-1/func-utils-rhel8:1.30.2-2	cpe:/a:redhat:openshift_serverless:1.30::el8	RHSA-2023:6296	2023-11-02T00:00:00Z
openshift-serverless-1/ingress-rhel8-operator:1.30.2-3	cpe:/a:redhat:openshift_serverless:1.30::el8	RHSA-2023:6296	2023-11-02T00:00:00Z
openshift-serverless-1/knative-rhel8-operator:1.30.2-3	cpe:/a:redhat:openshift_serverless:1.30::el8	RHSA-2023:6296	2023-11-02T00:00:00Z
openshift-serverless-1/kn-cli-artifacts-rhel8:1.9.2-4	cpe:/a:redhat:openshift_serverless:1.30::el8	RHSA-2023:6296	2023-11-02T00:00:00Z
openshift-serverless-1/kourier-control-rhel8:1.9.0-5	cpe:/a:redhat:openshift_serverless:1.30::el8	RHSA-2023:6296	2023-11-02T00:00:00Z
openshift-serverless-1/net-istio-controller-rhel8:1.9.0-5	cpe:/a:redhat:openshift_serverless:1.30::el8	RHSA-2023:6296	2023-11-02T00:00:00Z
openshift-serverless-1/net-istio-webhook-rhel8:1.9.0-5	cpe:/a:redhat:openshift_serverless:1.30::el8	RHSA-2023:6296	2023-11-02T00:00:00Z
openshift-serverless-1/serverless-operator-bundle:1.30.2-2	cpe:/a:redhat:openshift_serverless:1.30::el8	RHSA-2023:6296	2023-11-02T00:00:00Z
openshift-serverless-1/serverless-rhel8-operator:1.30.2-4	cpe:/a:redhat:openshift_serverless:1.30::el8	RHSA-2023:6296	2023-11-02T00:00:00Z
openshift-serverless-1/serving-activator-rhel8:1.9.0-4	cpe:/a:redhat:openshift_serverless:1.30::el8	RHSA-2023:6296	2023-11-02T00:00:00Z
openshift-serverless-1/serving-autoscaler-hpa-rhel8:1.9.0-4	cpe:/a:redhat:openshift_serverless:1.30::el8	RHSA-2023:6296	2023-11-02T00:00:00Z
openshift-serverless-1/serving-autoscaler-rhel8:1.9.0-4	cpe:/a:redhat:openshift_serverless:1.30::el8	RHSA-2023:6296	2023-11-02T00:00:00Z
openshift-serverless-1/serving-controller-rhel8:1.9.0-4	cpe:/a:redhat:openshift_serverless:1.30::el8	RHSA-2023:6296	2023-11-02T00:00:00Z
openshift-serverless-1/serving-domain-mapping-rhel8:1.9.0-4	cpe:/a:redhat:openshift_serverless:1.30::el8	RHSA-2023:6296	2023-11-02T00:00:00Z
openshift-serverless-1/serving-domain-mapping-webhook-rhel8:1.9.0-4	cpe:/a:redhat:openshift_serverless:1.30::el8	RHSA-2023:6296	2023-11-02T00:00:00Z
openshift-serverless-1/serving-queue-rhel8:1.9.0-4	cpe:/a:redhat:openshift_serverless:1.30::el8	RHSA-2023:6296	2023-11-02T00:00:00Z
openshift-serverless-1/serving-storage-version-migration-rhel8:1.9.0-4	cpe:/a:redhat:openshift_serverless:1.30::el8	RHSA-2023:6296	2023-11-02T00:00:00Z
openshift-serverless-1/serving-webhook-rhel8:1.9.0-4	cpe:/a:redhat:openshift_serverless:1.30::el8	RHSA-2023:6296	2023-11-02T00:00:00Z
openshift-serverless-1/svls-must-gather-rhel8:1.30.2-1	cpe:/a:redhat:openshift_serverless:1.30::el8	RHSA-2023:6296	2023-11-02T00:00:00Z
openshift-serverless-1-tech-preview/eventing-istio-controller-rhel8:1.9.0-4	cpe:/a:redhat:openshift_serverless:1.30::el8	RHSA-2023:6296	2023-11-02T00:00:00Z
openshift-serverless-1-tech-preview/knative-client-plugin-event-sender-rhel8:1.9.0-4	cpe:/a:redhat:openshift_serverless:1.30::el8	RHSA-2023:6296	2023-11-02T00:00:00Z
openshift-serverless-1-tech-preview/logic-data-index-ephemeral-rhel8:1.30.0-8	cpe:/a:redhat:openshift_serverless:1.30::el8	RHSA-2023:6296	2023-11-02T00:00:00Z
openshift-serverless-1-tech-preview/logic-swf-builder-rhel8:1.30.0-9	cpe:/a:redhat:openshift_serverless:1.30::el8	RHSA-2023:6296	2023-11-02T00:00:00Z
openshift-serverless-1-tech-preview/logic-swf-devmode-rhel8:1.30.0-9	cpe:/a:redhat:openshift_serverless:1.30::el8	RHSA-2023:6296	2023-11-02T00:00:00Z
Red Hat OpenStack Platform 16.2
rhosp-rhel8/osp-director-agent:1.3.0-10	cpe:/a:redhat:openstack:16.2::el8	RHSA-2023:5935	2023-10-19T00:00:00Z
rhosp-rhel8/osp-director-downloader:1.3.0-11	cpe:/a:redhat:openstack:16.2::el8	RHSA-2023:5935	2023-10-19T00:00:00Z
rhosp-rhel8/osp-director-operator:1.3.0-9	cpe:/a:redhat:openstack:16.2::el8	RHSA-2023:5935	2023-10-19T00:00:00Z
rhosp-rhel8/osp-director-operator-bundle:1.3.0-19	cpe:/a:redhat:openstack:16.2::el8	RHSA-2023:5935	2023-10-19T00:00:00Z
collectd-libpod-stats-0:1.0.4-5.el8ost	cpe:/a:redhat:openstack:16.2::el8	RHSA-2023:5964	2023-10-20T00:00:00Z
etcd-0:3.3.23-15.el8ost	cpe:/a:redhat:openstack:16.2::el8	RHSA-2023:5965	2023-10-20T00:00:00Z
Red Hat OpenStack Platform 17.1 for RHEL 9
collectd-libpod-stats-0:1.0.5-6.el9ost	cpe:/a:redhat:openstack:17.1::el9	RHSA-2023:5969	2023-10-20T00:00:00Z
rhosp-rhel9/osp-director-agent:1.3.1-11	cpe:/a:redhat:openstack:17.1::el9	RHSA-2023:5971	2023-10-20T00:00:00Z
rhosp-rhel9/osp-director-downloader:1.3.1-9	cpe:/a:redhat:openstack:17.1::el9	RHSA-2023:5971	2023-10-20T00:00:00Z
rhosp-rhel9/osp-director-operator:1.3.1-11	cpe:/a:redhat:openstack:17.1::el9	RHSA-2023:5971	2023-10-20T00:00:00Z
rhosp-rhel9/osp-director-operator-bundle:1.3.1-18	cpe:/a:redhat:openstack:17.1::el9	RHSA-2023:5971	2023-10-20T00:00:00Z
RHODF-4.15-RHEL-9
odf4/cephcsi-rhel9:v4.15.0-37	cpe:/a:redhat:openshift_data_foundation:4.15::el9	RHSA-2024:1383	2024-03-19T00:00:00Z
RHOL-5.6-RHEL-8
openshift-logging/logging-loki-rhel8:v2.9.2-2	cpe:/a:redhat:logging:5.6::el8	RHSA-2023:5541	2023-10-20T00:00:00Z
RHOL-5.7-RHEL-8
openshift-logging/logging-loki-rhel8:v2.9.2-1	cpe:/a:redhat:logging:5.7::el8	RHSA-2023:5530	2023-10-20T00:00:00Z
RODOO-1.0-RHEL-8
run-once-duration-override-operator/run-once-duration-override-rhel8:v1.0-30	cpe:/a:redhat:run_once_duration_override_operator:1.0::el8	RHSA-2023:5947	2023-10-26T00:00:00Z
STF-1.5-RHEL-8
stf/prometheus-webhook-snmp-rhel8:1.5.2-8	cpe:/a:redhat:service_telemetry_framework:1.5::el8	RHSA-2023:5976	2023-10-20T00:00:00Z
stf/service-telemetry-operator-bundle:1.5.1697612918-1	cpe:/a:redhat:service_telemetry_framework:1.5::el8	RHSA-2023:5976	2023-10-20T00:00:00Z
stf/service-telemetry-rhel8-operator:1.5.1-8	cpe:/a:redhat:service_telemetry_framework:1.5::el8	RHSA-2023:5976	2023-10-20T00:00:00Z
stf/sg-bridge-rhel8:1.5.0-18	cpe:/a:redhat:service_telemetry_framework:1.5::el8	RHSA-2023:5976	2023-10-20T00:00:00Z
stf/sg-core-rhel8:5.1.1-8	cpe:/a:redhat:service_telemetry_framework:1.5::el8	RHSA-2023:5976	2023-10-20T00:00:00Z
stf/smart-gateway-operator-bundle:5.0.1697612918-1	cpe:/a:redhat:service_telemetry_framework:1.5::el8	RHSA-2023:5976	2023-10-20T00:00:00Z
stf/smart-gateway-rhel8-operator:5.0.1-9	cpe:/a:redhat:service_telemetry_framework:1.5::el8	RHSA-2023:5976	2023-10-20T00:00:00Z

References

Link	Providers
https://go.dev/cl/515257
https://go.dev/issue/61460
https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ
https://nvd.nist.gov/vuln/detail/CVE-2023-29409
https://pkg.go.dev/vuln/GO-2023-1987
https://security.gentoo.org/glsa/202311-09
https://security.netapp.com/advisory/ntap-20230831-0010/
https://www.cve.org/CVERecord?id=CVE-2023-29409

History

Tue, 22 Oct 2024 15:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Sun, 08 Sep 2024 18:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Redhat openshift Distributed Tracing
CPEs		cpe:/a:redhat:openshift_distributed_tracing:2.9::el8
Vendors & Products		Redhat openshift Distributed Tracing

Mon, 19 Aug 2024 22:30:00 +0000

Type	Values Removed	Values Added
CPEs	~~cpe:/a:redhat:openshift_distributed_tracing:2.9::el8~~
Vendors & Products	Redhat openshift Distributed Tracing

MITRE

Status: PUBLISHED

Assigner: Go

Published: 2023-08-02T19:47:23.829Z

Updated: 2024-10-22T14:16:01.839Z

Reserved: 2023-04-05T19:36:35.043Z

Link: CVE-2023-29409

Vulnrichment

Updated: 2024-08-02T14:07:46.160Z

NVD

Status : Modified

Published: 2023-08-02T20:15:11.940

Modified: 2023-11-25T11:15:14.870

Link: CVE-2023-29409

Redhat

Severity : Moderate

Publid Date: 2023-08-02T00:00:00Z

Links: CVE-2023-29409 - Bugzilla

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact Low

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object