FreeBSD DAD6294C-F7C1-11EE-BB77-001B217B3468
Apr 10, 2024 - 12:00 a.m.

Gitlab -- Patch Release: 16.10.2, 16.9.4, 16.8.6

2024-04-10 00:00:00
vuxml.freebsd.org
Tags: gitlab, patch release, stored xss, redos, unix, diff viewer, autocomplete, integrations, chat messages, junit test report

CVSS3: 8.7

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: REQUIRED
Scope: CHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N

AI Score: 6
Confidence: High

EPSS: 0
Percentile: 9.0%

Gitlab reports:

Stored XSS injected in diff viewer
Stored XSS via autocomplete results
Redos on Integrations Chat Messages
Redos During Parse Junit Test Report

OS       OS Version  Architecture  Package    Package Version  Filename
FreeBSD  any         noarch        gitlab-ce  = 16.10.0        UNKNOWN
FreeBSD  any         noarch        gitlab-ce  < 16.10.2        UNKNOWN
