An issue has been discovered in GitLab EE affecting all versions starting from 10.5 before 16.4.3, all versions starting from 16.5 before 16.5.3, all versions starting from 16.6 before 16.6.1. It was possible for an attacker to cause a client-side denial of service using malicious crafted mermaid diagram input.
Metrics
Affected Vendors & Products
References
History
Thu, 29 Aug 2024 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:* |
MITRE
Status: PUBLISHED
Assigner: GitLab
Published: 2023-12-01T07:01:48.155Z
Updated: 2024-09-18T04:07:25.194Z
Reserved: 2023-09-12T13:30:21.852Z
Link: CVE-2023-4912
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2023-12-01T07:15:11.387
Modified: 2023-12-06T19:50:26.767
Link: CVE-2023-4912
Redhat
No data.