Vulnerability Database

290,206

Total vulnerabilities in the database

CVE-2022-1121

A lack of appropriate timeouts in GitLab Pages included in GitLab CE/EE all versions prior to 14.7.7, 14.8 prior to 14.8.5, and 14.9 prior to 14.9.2 allows an attacker to cause unlimited resource consumption.

  • Published: Apr 4, 2022
  • Updated: Apr 14, 2023
  • CVE: CVE-2022-1121
  • Severity: Medium
  • Exploit:

CVSS v3:

  • Severity: Medium
  • Score: 5.3
  • AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

CVSS v2:

  • Severity: Medium
  • Score: 5
  • AV:N/AC:L/Au:N/C:N/I:N/A:P

CWEs:

Software From Fixed in
gitlab / gitlab 14.9.0 14.9.2
gitlab / gitlab 14.8.0 14.8.5
gitlab / gitlab - 14.7.7