Lucene search
Veracode Vulnerability DatabaseVERACODE:41537HistoryJul 23, 2023 - 2:06 p.m.
Denial Of Service (DoS)
2023-07-2314:06:22
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
3
denial of service
length validation
library
issue descriptions
graphql
application crash
0.001 Low
EPSS
Percentile
41.6%
gitlab is vulnerable to Denial Of Service (DoS). The vulnerability exists due to the lack of length validation of the library, which allows an attacker to create large issue descriptions via GraphQL, leading to an application crash.
| CPE | Name | Operator | Version |
|---|---|---|---|
| gitlab:sid | eq | 13.3.9-1 | |
| gitlab:sid | eq | 13.4.7-2 | |
| gitlab:sid | eq | 13.3.9-1 | |
| gitlab:sid | eq | 13.4.7-2 |
Related
cve
cve
CVE-2022-3411
2023-02-13 23:15:10
CVE-2023-0886
2023-02-22 23:15:17
osv
osv
CVE-2022-3411
2023-02-13 23:15:10
BIT-gitlab-2022-3411
2024-03-06 11:14:15
cvelist
cvelist
CVE-2022-3411
2023-02-13 00:00:00
openvas
openvas
GitLab 12.4.x < 15.6.7, 15.7.x < 15.7.6, 15.8.x < 15.8.1 DoS Vulnerability
2023-02-03 00:00:00
prion
prion
Input validation
2023-02-13 23:15:00
debiancve
debiancve
CVE-2022-3411
2023-02-13 23:15:10
nessus
nessus
GitLab 12.4 < 15.6.7 / 15.7 < 15.7.6 / 15.8 < 15.8.1 (CVE-2022-3411)
2023-02-02 00:00:00
GitLab 12.4 < 15.6.7 / 15.7 < 15.7.6 / 15.8 < 15.8.1 (CVE-2023-0886)
2024-05-17 00:00:00
GitLab < 15.6.7 (SECURITY-RELEASE-GITLAB-15-8-1-RELEASED)
2024-01-03 00:00:00
ubuntucve
ubuntucve
CVE-2022-3411
2023-02-13 00:00:00
freebsd
freebsd
Gitlab -- Multiple Vulnerabilities
2023-01-31 00:00:00