A denial of service vulnerability was identified in GitLab CE/EE, versions 16.7.7 prior to 16.8.6, 16.9 prior to 16.9.4 and 16.10 prior to 16.10.2 which allows an attacker to spike the GitLab instance resources usage resulting in service degradation via chat integration feature.
Metrics
Affected Vendors & Products
References
History
Wed, 11 Dec 2024 19:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:* cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:* |
Thu, 03 Oct 2024 07:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-400 |
Thu, 03 Oct 2024 06:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Title | Uncontrolled Resource Consumption in GitLab | Inefficient Regular Expression Complexity in GitLab |
Weaknesses | CWE-1333 |
Thu, 19 Sep 2024 02:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Thu, 29 Aug 2024 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Gitlab
Gitlab gitlab |
|
CPEs | cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:* | |
Vendors & Products |
Gitlab
Gitlab gitlab |
MITRE
Status: PUBLISHED
Assigner: GitLab
Published: 2024-04-12T00:53:41.230Z
Updated: 2024-10-03T06:23:16.693Z
Reserved: 2023-12-04T16:30:20.261Z
Link: CVE-2023-6489
Vulnrichment
Updated: 2024-08-02T08:28:21.821Z
NVD
Status : Analyzed
Published: 2024-04-12T01:15:57.340
Modified: 2024-12-11T19:06:06.800
Link: CVE-2023-6489
Redhat
No data.