Vulnerability Details CVE-2019-19313
GitLab EE 12.3 through 12.5, 12.4.3, and 12.3.6 allows Denial of Service. Certain characters were making it impossible to create, edit, or view issues and commits.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 48.8%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
- https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-1-released/
- https://about.gitlab.com/blog/categories/releases/
- https://gitlab.com/gitlab-org/gitlab/issues/14947
- https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-1-released/
- https://about.gitlab.com/blog/categories/releases/
- https://gitlab.com/gitlab-org/gitlab/issues/14947
Products affected by CVE-2019-19313
-
cpe:2.3:a:gitlab:gitlab:12.3.0
-
cpe:2.3:a:gitlab:gitlab:12.3.1
-
cpe:2.3:a:gitlab:gitlab:12.3.2
-
cpe:2.3:a:gitlab:gitlab:12.3.3
-
cpe:2.3:a:gitlab:gitlab:12.3.4
-
cpe:2.3:a:gitlab:gitlab:12.3.5
-
cpe:2.3:a:gitlab:gitlab:12.3.6
-
cpe:2.3:a:gitlab:gitlab:12.3.7
-
cpe:2.3:a:gitlab:gitlab:12.4.0
-
cpe:2.3:a:gitlab:gitlab:12.4.1
-
cpe:2.3:a:gitlab:gitlab:12.4.2
-
cpe:2.3:a:gitlab:gitlab:12.4.3
-
cpe:2.3:a:gitlab:gitlab:12.4.4
-
cpe:2.3:a:gitlab:gitlab:12.5.0
-
cpe:2.3:a:gitlab:gitlab:12.5.1