A lack of length validation in Snippet descriptions in GitLab CE/EE affecting all versions before 15.1.6, 15.2 before 15.2.4 and 15.3 before 15.3.2 allows an authenticated malicious user to create a maliciously large Snippet which when requested with or without authentication places excessive load on the server, potential leading to Denial of Service.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
gitlab gitlab |