A denial of service issue was discovered in GitLab CE/EE affecting all versions starting from 13.2.4 before 15.10.8, all versions starting from 15.11 before 15.11.7, all versions starting from 16.0 before 16.0.2 which allows an attacker to cause high resource consumption using malicious test report artifacts.
References
Link | Resource |
---|---|
https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0121.json | Vendor Advisory |
https://gitlab.com/gitlab-org/gitlab/-/issues/387549 | Broken Link |
https://hackerone.com/reports/1774688 | Permissions Required Third Party Advisory |
Configurations
Configuration 1 (hide)
|
History
14 Jun 2023, 01:03
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://gitlab.com/gitlab-org/gitlab/-/issues/387549 - Broken Link | |
References | (MISC) https://hackerone.com/reports/1774688 - Permissions Required, Third Party Advisory | |
References | (CONFIRM) https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0121.json - Vendor Advisory | |
CPE | cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:* cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.5 |
First Time |
Gitlab
Gitlab gitlab |
|
CWE | CWE-400 |
07 Jun 2023, 17:28
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-06-07 17:15
Updated : 2024-02-28 20:13
NVD link : CVE-2023-0121
Mitre link : CVE-2023-0121
CVE.ORG link : CVE-2023-0121
JSON object : View
Products Affected
gitlab
- gitlab
CWE
CWE-400
Uncontrolled Resource Consumption