Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2022-1174
HistoryApr 04, 2022 - 8:15 p.m.

CVE-2022-1174

2022-04-0420:15:09
CWE-1284
[email protected]
web.nvd.nist.gov
5
dos vulnerability
gitlab ce/ee
high cpu usage

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

50.9%

JSON

A potential DoS vulnerability was discovered in Gitlab CE/EE versions 13.7 before 14.7.7, all versions starting from 14.8 before 14.8.5, all versions starting from 14.9 before 14.9.2 allowed an attacker to trigger high CPU usage via a special crafted input added in Issues, Merge requests, Milestones, Snippets, Wiki pages, etc.

Affected configurations

Nvd
Node
gitlabgitlabRange13.7.014.7.7community
OR
gitlabgitlabRange13.7.014.7.7enterprise
OR
gitlabgitlabRange14.8.014.8.5community
OR
gitlabgitlabRange14.8.014.8.5enterprise
OR
gitlabgitlabRange14.9.014.9.2community
OR
gitlabgitlabRange14.9.014.9.2enterprise
VendorProductVersionCPE
gitlabgitlab*cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*
gitlabgitlab*cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*

Related

osv 2
openvas 1
prion 1
nessus 2
cvelist 1
ubuntucve 1
debiancve 1
cve 1
avleonov 1
freebsd 1
osv
osv
CVE-2022-1174
2022-04-04 20:15:09
BIT-gitlab-2022-1174
2024-03-06 11:16:20
openvas
openvas
GitLab 13.7.x < 14.7.7, 14.8.x < 14.8.5, 14.9.x < 14.9.2 DoS Vulnerability
2022-04-05 00:00:00
prion
prion
Design/Logic Flaw
2022-04-04 20:15:00
nessus
nessus
GitLab 13.7 < 14.7.7 / 14.8 < 14.8.5 / 14.9 < 14.9.2 (CVE-2022-1174)
2022-04-18 00:00:00
FreeBSD : Gitlab -- multiple vulnerabilities (8657eedd-b423-11ec-9559-001b217b3468)
2022-04-04 00:00:00
cvelist
cvelist
CVE-2022-1174
2022-04-04 19:46:06
ubuntucve
ubuntucve
CVE-2022-1174
2022-04-04 00:00:00
debiancve
debiancve
CVE-2022-1174
2022-04-04 20:15:09
cve
cve
CVE-2022-1174
2022-04-04 20:15:09
avleonov
avleonov
Gitlab OmniAuth Static Passwords and stored XSS
2022-04-04 16:42:07
freebsd
freebsd
Gitlab -- multiple vulnerabilities
2022-03-31 00:00:00

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

50.9%

JSON
Related for NVD:CVE-2022-1174
osv2openvas1prion1nessus2cvelist1ubuntucve1debiancve1cve1avleonov1freebsd1