Lucene search

Ubuntu.comUB:CVE-2023-1787

HistoryApr 05, 2023 - 12:00 a.m.

CVE-2023-1787

2023-04-0500:00:00

ubuntu.com

gitlab

vulnerability

unix

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

9.3 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

34.3%

JSON

An issue has been discovered in GitLab affecting all versions starting from
15.9 before 15.9.4, all versions starting from 15.10 before 15.10.1. A
search timeout could be triggered if a specific HTML payload was used in
the issue description.

OSVersionArchitecturePackageVersionFilename
ubuntu16.04noarchgitlab< anyUNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	16.04	noarch	gitlab	< any	UNKNOWN

References

launchpad.net/bugs/cve/CVE-2023-1787

nvd.nist.gov/vuln/detail/CVE-2023-1787

security-tracker.debian.org/tracker/CVE-2023-1787

www.cve.org/CVERecord?id=CVE-2023-1787

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

9.3 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

34.3%

JSON

Related for UB:CVE-2023-1787