Vulnerability Details CVE-2019-19313
GitLab EE 12.3 through 12.5, 12.4.3, and 12.3.6 allows Denial of Service. Certain characters were making it impossible to create, edit, or view issues and commits.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 40.9%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
- https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-1-released/
- https://about.gitlab.com/blog/categories/releases/
- https://gitlab.com/gitlab-org/gitlab/issues/14947
- https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-1-released/
- https://about.gitlab.com/blog/categories/releases/
- https://gitlab.com/gitlab-org/gitlab/issues/14947
Products affected by CVE-2019-19313
-
cpe:2.3:a:gitlab:gitlab:12.3.0
-
cpe:2.3:a:gitlab:gitlab:12.3.1
-
cpe:2.3:a:gitlab:gitlab:12.3.2
-
cpe:2.3:a:gitlab:gitlab:12.3.3
-
cpe:2.3:a:gitlab:gitlab:12.3.4
-
cpe:2.3:a:gitlab:gitlab:12.3.5
-
cpe:2.3:a:gitlab:gitlab:12.3.6
-
cpe:2.3:a:gitlab:gitlab:12.3.7
-
cpe:2.3:a:gitlab:gitlab:12.4.0
-
cpe:2.3:a:gitlab:gitlab:12.4.1
-
cpe:2.3:a:gitlab:gitlab:12.4.2
-
cpe:2.3:a:gitlab:gitlab:12.4.3
-
cpe:2.3:a:gitlab:gitlab:12.4.4
-
cpe:2.3:a:gitlab:gitlab:12.5.0
-
cpe:2.3:a:gitlab:gitlab:12.5.1