Unrated severityNVD Advisory· Published Apr 25, 2022· Updated Aug 2, 2024
CVE-2022-0477
CVE-2022-0477
Description
An issue has been discovered in GitLab affecting all versions starting from 11.9 before 14.5.4, all versions starting from 14.6.0 before 14.6.4, all versions starting from 14.7.0 before 14.7.1. GitLab was not correctly handling bulk requests to delete existing packages from the package registries which could result in a Denial of Service under specific conditions.
Affected products
3>=11.9 <14.5.4, >=14.6.0 <14.6.4, >=14.7.0 <14.7.1+ 1 more
- (no CPE)range: >=11.9 <14.5.4, >=14.6.0 <14.6.4, >=14.7.0 <14.7.1
- (no CPE)range: >=11.9, <14.5.4
Patches
Vulnerability mechanics
References
2- gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0477.jsonmitrex_refsource_CONFIRM
- gitlab.com/gitlab-org/gitlab/-/issues/348166mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.