CVE-2023-4522

Опубликовано: 30 авг. 2023

Источник: nvd

CVSS3: 4.3

CVSS3: 5.3

EPSS Низкий

Описание

An issue has been discovered in GitLab affecting all versions before 16.2.0. Committing directories containing LF character results in 500 errors when viewing the commit.

Ссылки

https://gitlab.com/gitlab-org/gitlab/-/issues/406817
Exploit
https://hackerone.com/reports/1937213
Permissions Required
https://gitlab.com/gitlab-org/gitlab/-/issues/406817
Exploit
https://hackerone.com/reports/1937213
Permissions Required
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJ42V7O7F4OU6R7QSQQECLB6LDHKZIMQ/

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*

Версия до 16.2.0 (исключая)

EPSS

Процентиль: 27%

0.00097

Низкий

4.3 Medium

CVSS3

5.3 Medium

CVSS3

Дефекты

CWE-1287

NVD-CWE-noinfo

Связанные уязвимости

CVE-2023-4522

CVSS3: 4.3

ubuntu

больше 2 лет назад

An issue has been discovered in GitLab affecting all versions before 16.2.0. Committing directories containing LF character results in 500 errors when viewing the commit.

CVE-2023-4522

CVSS3: 4.3

debian

больше 2 лет назад

An issue has been discovered in GitLab affecting all versions before 1 ...

GHSA-3cw2-66px-r367

CVSS3: 4.3

github

больше 2 лет назад

An issue has been discovered in GitLab affecting all versions starting from 16.2.0. Committing directories containing LF character results in 500 errors when viewing the commit

EPSS

Процентиль: 27%

0.00097

Низкий

4.3 Medium

CVSS3

5.3 Medium

CVSS3

Дефекты

CWE-1287

NVD-CWE-noinfo