CVE-2023-1787

Summary

An issue has been discovered in GitLab affecting all versions starting from 15.9 before 15.9.4, all versions starting from 15.10 before 15.10.1. A search timeout could be triggered if a specific HTML payload was used in the issue description.

Affected Software

VendorProductVersion RangeStatus
GitLabGitLab>=15.9, <15.9.4affected
GitLabGitLab>=15.10, <15.10.1affected

Weaknesses

  • Uncontrolled resource consumption in GitLab

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References