CVE-2023-6678

Published Apr 12, 2024

Last updated a month ago

CVSS medium 4.3

Overview

Description
An issue has been discovered in GitLab EE affecting all versions before 16.8.6, all versions starting from 16.9 before 16.9.4, all versions starting from 16.10 before 16.10.2. It was possible for an attacker to cause a denial of service using malicious crafted content in a junit test report file.
Source
cve@gitlab.com
NVD status
Awaiting Analysis

Risk scores

CVSS 3.1

Type
Secondary
Base score
4.3
Impact score
1.4
Exploitability score
2.8
Vector string
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Severity
MEDIUM

Weaknesses

cve@gitlab.com
CWE-1333

Social media

Hype score
Not currently trending

References