Vulnerability Details CVE-2023-3900
An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.1 before 16.1.3, all versions starting from 16.2 before 16.2.2. An invalid 'start_sha' value on merge requests page may lead to Denial of Service as Changes tab would not load.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 44.2%
CVSS Severity
CVSS v3 Score 4.3
References
Products affected by CVE-2023-3900
-
cpe:2.3:a:gitlab:gitlab:16.1.0
-
cpe:2.3:a:gitlab:gitlab:16.1.1
-
cpe:2.3:a:gitlab:gitlab:16.1.2
-
cpe:2.3:a:gitlab:gitlab:16.2.0
-
cpe:2.3:a:gitlab:gitlab:16.2.1