CVE-2023-3210

An issue has been discovered in GitLab affecting all versions starting from 15.11 before 16.1.5, all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1. An authenticated user could trigger a denial of service when importing or cloning malicious content.
References
Link Resource
https://gitlab.com/gitlab-org/gitlab/-/issues/415074 Issue Tracking Vendor Advisory
https://hackerone.com/reports/2011474 Permissions Required
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*
cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*
cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*
cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*
cpe:2.3:a:gitlab:gitlab:16.3.0:*:*:*:community:*:*:*
cpe:2.3:a:gitlab:gitlab:16.3.0:*:*:*:enterprise:*:*:*

History

08 Oct 2024, 19:19

Type Values Removed Values Added
References () https://gitlab.com/gitlab-org/gitlab/-/issues/415074 - Broken Link () https://gitlab.com/gitlab-org/gitlab/-/issues/415074 - Issue Tracking, Vendor Advisory
CWE CWE-400

03 Oct 2024, 07:15

Type Values Removed Values Added
New CVE

Information

Published : 2023-09-01 11:15

Updated : 2024-10-08 19:19


NVD link : CVE-2023-3210

Mitre link : CVE-2023-3210

CVE.ORG link : CVE-2023-3210


JSON object : View

Products Affected

gitlab

  • gitlab
CWE
CWE-1333

Inefficient Regular Expression Complexity