CVE-2022-2592 in Community Editioninformazioni

Riassunto

di MITRE • 17/10/2022

A lack of length validation in Snippet descriptions in GitLab CE/EE affecting all versions prior to 15.1.6, 15.2 prior to 15.2.4 and 15.3 prior to 15.3.2 allows an authenticated attacker to create a maliciously large Snippet which when requested with or without authentication places excessive load on the server, potential leading to Denial of Service.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Responsabile

GitLab Inc.

Prenotare

01/08/2022

Divulgazione

17/10/2022

Moderazione

accettato

CPE

pronto

EPSS

0.01044

KEV

no

Attività

molto basso

Fonti

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!