A potential DOS vulnerability was discovered in GitLab CE/EE affecting all versions from 10.8 before 15.1.6, all versions starting from 15.2 before 15.2.4, all versions starting from 15.3 before 15.3.2. Improper data handling on branch creation could have been used to trigger high CPU usage.
References
Link | Resource |
---|---|
https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3639.json | Third Party Advisory VDB Entry |
https://gitlab.com/gitlab-org/gitlab/-/issues/366876 | Broken Link |
Configurations
Configuration 1 (hide)
|
History
21 Oct 2022, 20:58
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.5 |
First Time |
Gitlab gitlab
Gitlab |
|
CWE | CWE-400 | |
References | (CONFIRM) https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3639.json - Third Party Advisory, VDB Entry | |
References | (MISC) https://gitlab.com/gitlab-org/gitlab/-/issues/366876 - Broken Link | |
CPE | cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:* |
21 Oct 2022, 16:48
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-10-21 16:15
Updated : 2023-12-10 14:35
NVD link : CVE-2022-3639
Mitre link : CVE-2022-3639
CVE.ORG link : CVE-2022-3639
JSON object : View
Products Affected
gitlab
- gitlab
CWE
CWE-400
Uncontrolled Resource Consumption