Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2023-6159HistoryJan 26, 2024 - 2:15 a.m.
CVE-2023-6159
2024-01-2602:15:07
Debian Security Bug Tracker
security-tracker.debian.org
9
gitlab
ce
ee
12.7-16.8.1
regex
dos
cargo.toml
unix
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS
0.001
Percentile
18.2%
An issue has been discovered in GitLab CE/EE affecting all versions from 12.7 prior to 16.6.6, 16.7 prior to 16.7.4, and 16.8 prior to 16.8.1 It was possible for an attacker to trigger a Regular Expression Denial of Service via a Cargo.toml containing maliciously crafted input.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 999 | all | gitlab | < 16.6.6-1 | gitlab_16.6.6-1_all.deb |
Related
prion
prion
Input validation
2024-01-26 02:15:00
nvd
nvd
CVE-2023-6159
2024-01-26 02:15:07
cve
cve
CVE-2023-6159
2024-01-26 02:15:07
cvelist
cvelist
CVE-2023-6159 Inefficient Regular Expression Complexity in GitLab
2024-01-26 02:02:29
osv
osv
CVE-2023-6159
2024-01-26 02:15:07
BIT-gitlab-2023-6159
2024-03-06 10:54:58
nessus
nessus
GitLab 12.7 < 16.6.6 / 16.7 < 16.7.4 / 16.8 < 16.8.1 (CVE-2023-6159)
2024-01-25 00:00:00
FreeBSD : Gitlab -- vulnerabilities (61fe903b-bc2e-11ee-b06e-001b217b3468)
2024-01-27 00:00:00
veracode
veracode
Regular Expression Denial Of Service (ReDoS)
2024-02-02 17:58:45
ubuntucve
ubuntucve
CVE-2023-6159
2024-01-26 00:00:00
freebsd
freebsd
Gitlab -- vulnerabilities
2024-01-25 00:00:00
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS
0.001
Percentile
18.2%
Related for DEBIANCVE:CVE-2023-6159