Vulnerabilities > CVE-2023-5625 - Unspecified vulnerability in Redhat products

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

redhat

NVD

Published: 2023-11-01

Updated: 2024-08-01

Summary

A regression was introduced in the Red Hat build of python-eventlet due to a change in the patch application strategy, resulting in a patch for CVE-2021-21419 not being applied for all builds of all products.

Vulnerable Configurations

Part	Description	Count
Application	Redhat Redhat Openshift Container Platform FOR Arm64 4.12 Redhat Openshift Container Platform FOR Linuxone 4.12 Redhat Openshift Container Platform FOR Power 4.12 Redhat Openshift Container Platform IBM Z Systems 4.12 Redhat Openstack Platform 17.1	5
OS	Redhat Redhat Enterprise Linux 8.0 Redhat Enterprise Linux 9.0	2

References

https://bugzilla.redhat.com/show_bug.cgi?id=2244717
https://access.redhat.com/errata/RHSA-2023:6128
https://access.redhat.com/security/cve/CVE-2023-5625
https://access.redhat.com/errata/RHSA-2024:0188
https://access.redhat.com/errata/RHSA-2024:0213