CVE-2019-15584

Опубликовано: 20 дек. 2019

Источник: debian

EPSS Низкий

Описание

A denial of service exists in gitlab <v12.3.2, <v12.2.6, and <v12.1.10 that would let an attacker bypass input validation in markdown fields take down the affected page.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
gitlab	fixed	12.6.8-3		package

Примечания

https://hackerone.com/reports/670572
https://about.gitlab.com/releases/2019/09/30/security-release-gitlab-12-dot-3-dot-2-released/

EPSS

Процентиль: 30%

0.00108

Низкий

Связанные уязвимости

CVE-2019-15584

CVSS3: 6.5

ubuntu

больше 5 лет назад

A denial of service exists in gitlab <v12.3.2, <v12.2.6, and <v12.1.10 that would let an attacker bypass input validation in markdown fields take down the affected page.

CVE-2019-15584

CVSS3: 6.5

nvd

больше 5 лет назад

A denial of service exists in gitlab <v12.3.2, <v12.2.6, and <v12.1.10 that would let an attacker bypass input validation in markdown fields take down the affected page.

GHSA-3rm3-2566-pgwv

CVSS3: 6.5

github

около 3 лет назад

A denial of service exists in gitlab <v12.3.2, <v12.2.6, and <v12.1.10 that would let an attacker bypass input validation in markdown fields take down the affected page.

EPSS

Процентиль: 30%

0.00108

Низкий