Critical Infrastructure Sectors: Commercial Facilities, Energy, Critical Manufacturing, Food and Agriculture
A lack of length validation in GitLab CE/EE affecting all versions from 12.4 prior to 15.6.7, 15.7 prior to 15.7.6, and 15.8 prior to 15.8.1 allows an authenticated malicious user to create a large Issue description via GraphQL which, when repeatedly requested, saturates CPU usage.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
gitlab gitlab |