CVE-2022-2592 in Community Editioninfo

Zusammenfassung

von MITRE • 17.10.2022

A lack of length validation in Snippet descriptions in GitLab CE/EE affecting all versions prior to 15.1.6, 15.2 prior to 15.2.4 and 15.3 prior to 15.3.2 allows an authenticated attacker to create a maliciously large Snippet which when requested with or without authentication places excessive load on the server, potential leading to Denial of Service.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Zuständig

GitLab Inc.

Reservieren

01.08.2022

Veröffentlichung

17.10.2022

Moderieren

akzeptiert

Eintrag

VDB-211171

CPE

bereit

EPSS

0.01044

KEV

nein

Aktivitäten

very low

Quellen

Do you know our Splunk app?

Download it now for free!