An issue has been discovered in GitLab EE affecting all versions from 13.3.0 prior to 16.6.7, 16.7 prior to 16.7.5, and 16.8 prior to 16.8.2 which allows an attacker to do a resource exhaustion using GraphQL `vulnerabilitiesCountByDay`
History

Tue, 08 Oct 2024 20:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-400

Fri, 04 Oct 2024 08:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Thu, 03 Oct 2024 06:30:00 +0000

Type Values Removed Values Added
Title Uncontrolled Resource Consumption in GitLab Allocation of Resources Without Limits or Throttling in GitLab
Weaknesses CWE-770

cve-icon MITRE

Status: PUBLISHED

Assigner: GitLab

Published: 2024-02-07T22:02:11.043Z

Updated: 2024-10-03T06:23:18.169Z

Reserved: 2024-01-30T12:02:21.519Z

Link: CVE-2024-1066

cve-icon Vulnrichment

Updated: 2024-08-01T18:26:30.545Z

cve-icon NVD

Status : Modified

Published: 2024-02-07T22:15:09.797

Modified: 2024-11-21T08:49:43.170

Link: CVE-2024-1066

cve-icon Redhat

No data.