ReDoS due to device-detector parsing user agents
Medium
GitLab
Team Summary
Official summary from GitLab
An attacker may cause Denial of Service on a GitLab instance by exploiting a regex issue in how the application parses user agents. More details can be found in https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4131
Reported by
afewgoats
Report Details
Additional information and metadata
State
Closed
Substate
Resolved
Submitted
Weakness
Uncontrolled Resource Consumption