Total vulnerabilities in the database
An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.2 before 16.3.6, all versions starting from 16.4 before 16.4.2, all versions starting from 16.5 before 16.5.1. A low-privileged attacker can point a CI/CD Component to an incorrect path and cause the server to exhaust all available memory through an infinite loop and cause Denial of Service.
Software | From | Fixed in |
---|---|---|
gitlab / gitlab | 16.4.0 | 16.4.2 |
gitlab / gitlab | 16.5.0 | 16.5.0.x |
gitlab / gitlab | 16.2.0 | 16.3.6 |