CVE-2022-2592 in Community Edition情報

要約

〜によって MITRE • 2022年10月17日

A lack of length validation in Snippet descriptions in GitLab CE/EE affecting all versions prior to 15.1.6, 15.2 prior to 15.2.4 and 15.3 prior to 15.3.2 allows an authenticated attacker to create a maliciously large Snippet which when requested with or without authentication places excessive load on the server, potential leading to Denial of Service.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

責任者

GitLab Inc.

予約する

2022年08月01日

モデレーション

承諾済み

エントリ

VDB-211171

EPSS

0.01044

アクティビティ

非常低い

ソース

Want to know what is going to be exploited?

We predict KEV entries!