CVE-2022-1121
on gitlab
on gitlab
Published
Severity
CVSS v3:
5.3 MEDIUM
CVSS v2:
5 MEDIUM
Description
A lack of appropriate timeouts in GitLab Pages included in GitLab CE/EE all versions prior to 14.7.7, 14.8 prior to 14.8.5, and 14.9 prior to 14.9.2 allows an attacker to cause unlimited resource consumption.
References
Configurations
| CPE23 | Version Start | Version End | Exact Version |
|---|---|---|---|
| cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:* | 14.9.0 (including) | 14.9.2 | * |
| cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:* | 14.9.0 (including) | 14.9.2 | * |
| cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:* | 14.8.0 (including) | 14.8.5 | * |
| cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:* | 14.8.0 (including) | 14.8.5 | * |
| cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:* | n/a | 14.7.7 | * |
| cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:* | n/a | 14.7.7 | * |