VDB
CVE-2023-3994
CVE-2023-3994
PUBLISHED
An issue has been discovered in GitLab CE/EE affecting all versions starting from 9.3 before 16.0.8, all versions starting from 16.1 before 16.1.3, all versions starting from 16.2 before 16.2.2. A Regular Expression Denial of Service was possible via sending crafted payloads which use ProjectReferenceFilter to the preview_markdown endpoint.
EPSS 0.30% · 53.6th percentile
Risk Scores
EPSS Score
0.30%
53.6th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bitnami | gitlab | 9.3.0, 16.1.0, 16.2.0 |
| Bitnami | gitlab | 9.3.0, 16.1.0, 16.2.0 |
Exploit Intelligence
Timeline
- Aug 1, 2023 CVE Published
- Aug 2, 2023 EPSS Score
- Aug 2, 2023 CVE Updated
- Sep 5, 2023 EPSS Score
- Nov 12, 2023 EPSS Score
- Dec 15, 2023 EPSS Score
- Feb 21, 2024 EPSS Score
- Mar 26, 2024 EPSS Score
- Apr 29, 2024 EPSS Score
- Jul 6, 2024 EPSS Score
- Aug 8, 2024 EPSS Score
- Sep 11, 2024 EPSS Score