PT-2020-10133 · Gitlab · Gitlab Ce/Ee+1

Dfenson

Published

2020-01-05

Updated

2021-07-21

CVE-2019-19313

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions GitLab EE versions 12.3 through 12.5 GitLab EE version 12.4.3 GitLab EE version 12.3.6

Description The issue allows Denial of Service. Certain characters were making it impossible to create, edit, or view issues and commits.

Recommendations For GitLab EE versions 12.3 through 12.5, update to a version that does not contain this issue. For GitLab EE version 12.4.3, update to a version that does not contain this issue. For GitLab EE version 12.3.6, update to a version that does not contain this issue. As a temporary workaround, consider restricting the use of certain characters to minimize the risk of exploitation.

Fix

DoS

Improper Handling of Exceptional Conditions

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-755

Related Identifiers

CVE-2019-19313

Affected Products

Gitlab

Gitlab Ce/Ee

PT-2020-10133 · Gitlab · Gitlab Ce/Ee+1

CVE-2019-19313

Weakness Enumeration

Related Identifiers

Affected Products

References · 5