Overview
- Description
- A potential DOS vulnerability was discovered in GitLab CE/EE affecting all versions from 10.8 before 15.1.6, all versions starting from 15.2 before 15.2.4, all versions starting from 15.3 before 15.3.2. Improper data handling on branch creation could have been used to trigger high CPU usage.
- Source
- cve@gitlab.com
- NVD status
- Analyzed
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 7.5
- Impact score
- 3.6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
- Severity
- HIGH
Weaknesses
- nvd@nist.gov
- CWE-400
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DBE8F371-4F0B-4297-B371-B1F9EBD9CE84",
"versionEndExcluding": "15.1.6",
"versionStartIncluding": "10.8.0"
},
{
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6A8BAF85-89E6-4076-BC77-68B373A55131",
"versionEndExcluding": "15.2.4",
"versionStartIncluding": "15.2"
},
{
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AA27BF5F-F6D1-4844-9B0A-05B899611DF7",
"versionEndExcluding": "15.3.2",
"versionStartIncluding": "15.3"
}
],
"operator": "OR"
}
]
}
]