CVE-2019-19313

HIGH

GitLab EE <12.3-12.5, 12.4.3, 12.3.6 - DoS

Title source: llm

Description

GitLab EE 12.3 through 12.5, 12.4.3, and 12.3.6 allows Denial of Service. Certain characters were making it impossible to create, edit, or view issues and commits.

References (3)

[Vendor Advisory] https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-1-released/

[Release Notes] https://about.gitlab.com/blog/categories/releases/

[Broken Link] https://gitlab.com/gitlab-org/gitlab/issues/14947

Scores

CVSS v3 7.5

EPSS 0.0026

EPSS Percentile 48.6%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Classification

CWE

CWE-755

Status published

Affected Products (1)

gitlab/gitlab < 12.3.8

Timeline

Published Jan 05, 2020

Tracked Since Feb 18, 2026