Описание
An issue has been discovered in GitLab EE with Advanced Search affecting all versions from 13.9 to 16.3.6, 16.4 prior to 16.4.2 and 16.5 prior to 16.5.1 that could allow a denial of service in the Advanced Search function by chaining too many syntax operators.
Ссылки
- Broken Link
- Broken Link
Уязвимые конфигурации
Конфигурация 1Версия от 13.9.0 (включая) до 16.3.6 (включая)Версия от 16.4.0 (включая) до 16.4.2 (исключая)
Одно из
cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*
cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*
cpe:2.3:a:gitlab:gitlab:16.5.0:*:*:*:enterprise:*:*:*
EPSS
Процентиль: 5%
0.00022
Низкий
3.1 Low
CVSS3
4.3 Medium
CVSS3
Дефекты
CWE-770
NVD-CWE-noinfo
Связанные уязвимости
CVSS3: 3.1
debian
больше 2 лет назад
An issue has been discovered in GitLab EE with Advanced Search affecti ...
CVSS3: 3.1
github
больше 2 лет назад
An issue has been discovered in GitLab EE with Advanced Search affecting all versions from 13.9 to 16.3.6, 16.4 prior to 16.4.2 and 16.5 prior to 16.5.1 that could allow a denial of service in the Advanced Search function by chaining too many syntax operators.
EPSS
Процентиль: 5%
0.00022
Низкий
3.1 Low
CVSS3
4.3 Medium
CVSS3
Дефекты
CWE-770
NVD-CWE-noinfo