Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-2319

It was discovered that an update for PCS package in RHBA-2023:2151 erratum released as part of Red Hat Enterprise Linux 9.2 failed to include the fix for the Webpack issue CVE-2023-28154 (for PCS package), which was previously addressed in Red Hat Enterprise Linux 9.1 via erratum RHSA-2023:1591. The CVE-2023-2319 was assigned to that Red Hat specific security regression in Red Hat Enterprise Linux 9.2.

Published

2023-05-17T23:15:09.313

Last Modified

2025-01-22T19:15:09.283

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 9.8 (CRITICAL)

Weaknesses

Type: Primary
NVD-CWE-noinfo

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	clusterlabs	pcs	0.11.4-6.el9	Yes
Operating System	redhat	enterprise_linux_high_availability	9.0	Yes
Operating System	redhat	enterprise_linux_high_availability_eus	9.2	Yes

References

https://access.redhat.com/errata/RHSA-2023:2652 Third Party Advisory ([email protected])
https://access.redhat.com/security/cve/CVE-2023-2319 Third Party Advisory ([email protected])
https://bugzilla.redhat.com/show_bug.cgi?id=2190092 Issue Tracking ([email protected])
https://access.redhat.com/errata/RHSA-2023:2652 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/security/cve/CVE-2023-2319 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://bugzilla.redhat.com/show_bug.cgi?id=2190092 Issue Tracking (af854a3a-2127-422b-91ae-364da2661108)