Lucene search
GoogleOSV:BIT-GITLAB-2023-3900HistoryMar 06, 2024 - 11:03 a.m.
BIT-gitlab-2023-3900
2024-03-0611:03:40
Google
osv.dev
7
gitlab
ce
ee
vulnerability
denial of service
start_sha
merge requests
changes tab
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
0.001
Percentile
38.4%
An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.1 before 16.1.3, all versions starting from 16.2 before 16.2.2. An invalid ‘start_sha’ value on merge requests page may lead to Denial of Service as Changes tab would not load.
Related
vulnrichment
vulnrichment
CVE-2023-3900 Improper Input Validation in GitLab
2023-08-02 00:07:05
ubuntucve
ubuntucve
CVE-2023-3900
2023-08-02 00:00:00
veracode
veracode
Denial Of Service (DoS)
2023-12-26 13:53:07
debiancve
debiancve
CVE-2023-3900
2023-08-02 01:15:09
nvd
nvd
CVE-2023-3900
2023-08-02 01:15:09
nessus
nessus
GitLab 16.1 < 16.1.3 / 16.2 < 16.2.2 (CVE-2023-3900)
2023-08-01 00:00:00
FreeBSD : Gitlab -- Vulnerabilities (fa239535-30f6-11ee-aef9-001b217b3468)
2023-08-02 00:00:00
osv
osv
CVE-2023-3900
2023-08-02 01:15:09
cve
cve
CVE-2023-3900
2023-08-02 01:15:09
cvelist
cvelist
CVE-2023-3900 Improper Input Validation in GitLab
2023-08-02 00:07:05
prion
prion
Design/Logic Flaw
2023-08-02 01:15:00
redhatcve
redhatcve
CVE-2023-3900
2023-10-09 17:57:06
freebsd
freebsd
Gitlab -- Vulnerabilities
2023-08-01 00:00:00
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
0.001
Percentile
38.4%
Related for OSV:BIT-GITLAB-2023-3900