Total vulnerabilities in the database
A lack of length validation in Snippet descriptions in GitLab CE/EE affecting all versions prior to 15.1.6, 15.2 prior to 15.2.4 and 15.3 prior to 15.3.2 allows an authenticated attacker to create a maliciously large Snippet which when requested with or without authentication places excessive load on the server, potential leading to Denial of Service.
| Software | From | Fixed in |
|---|---|---|
| gitlab / gitlab | 15.3 | 15.3.2 |
| gitlab / gitlab | 15.2 | 15.2.4 |
| gitlab / gitlab | - | 15.1.6 |