CVSS3

Metric | Value |
---|---|
Attack Vector | NETWORK |
Attack Complexity | LOW |
Privileges Required | LOW |
User Interaction | NONE |
Scope | UNCHANGED |
Confidentiality Impact | NONE |
Integrity Impact | NONE |
Availability Impact | HIGH |

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score confidence: High

EPSS percentile: 14.1%

A Denial of Service (DoS) issue has been discovered in GitLab CE/EE
affecting all versions prior to 17.1.6, 17.2 prior to 17.2.4, and 17.3
prior to 17.3.1. A denial of service could occur upon importing a
maliciously crafted repository using the GitHub importer.
Author | Note |
---|---|
mdeslaur | GitLab isn’t maintainable as a distro package, and was removed from Ubuntu because of this. We will not be fixing security issues in the gitlab package in Xenial. |