An issue has been discovered in GitLab affecting all versions starting from 15.11 before 16.1.5, all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1. An authenticated user could trigger a denial of service when importing or cloning malicious content.
References
| Link | Resource |
|---|---|
| https://gitlab.com/gitlab-org/gitlab/-/issues/415067 | Issue Tracking Vendor Advisory |
| https://hackerone.com/reports/2011464 | Permissions Required |
Configurations
Configuration 1 (hide)
|
History
08 Oct 2024, 19:20
| Type | Values Removed | Values Added |
|---|---|---|
| CWE | ||
| References | () https://gitlab.com/gitlab-org/gitlab/-/issues/415067 - Issue Tracking, Vendor Advisory |
03 Oct 2024, 07:15
| Type | Values Removed | Values Added |
|---|---|---|
| CWE | CWE-1333 |
01 Sep 2023, 21:13
| Type | Values Removed | Values Added |
|---|---|---|
| CWE | CWE-400 | |
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.5 |
| CPE | cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:* cpe:2.3:a:gitlab:gitlab:16.3.0:*:*:*:community:*:*:* cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:* cpe:2.3:a:gitlab:gitlab:16.3.0:*:*:*:enterprise:*:*:* |
|
| First Time |
Gitlab gitlab
Gitlab |
|
| References | (MISC) https://hackerone.com/reports/2011464 - Permissions Required | |
| References | (MISC) https://gitlab.com/gitlab-org/gitlab/-/issues/415067 - Broken Link |
01 Sep 2023, 11:47
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2023-09-01 11:15
Updated : 2024-10-08 19:20
NVD link : CVE-2023-3205
Mitre link : CVE-2023-3205
CVE.ORG link : CVE-2023-3205
JSON object : View
Products Affected
gitlab
- gitlab
CWE
CWE-1333
Inefficient Regular Expression Complexity