A Denial of Service (DoS) condition has been discovered in GitLab CE/EE affecting all versions starting with 15.9 before 17.0.6, 17.1 prior to 17.1.4, and 17.2 prior to 17.2.2. It is possible for an attacker to cause catastrophic backtracking while parsing results from Elasticsearch.
References
Link | Resource |
---|---|
https://gitlab.com/gitlab-org/gitlab/-/issues/468917 | Broken Link |
Configurations
Configuration 1 (hide)
|
History
29 Aug 2024, 15:45
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.5 |
CPE | cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:* cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:* |
|
CWE | NVD-CWE-noinfo | |
First Time |
Gitlab
Gitlab gitlab |
|
References | () https://gitlab.com/gitlab-org/gitlab/-/issues/468917 - Broken Link |
08 Aug 2024, 13:04
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
08 Aug 2024, 11:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-08-08 11:15
Updated : 2024-08-29 15:45
NVD link : CVE-2024-7610
Mitre link : CVE-2024-7610
CVE.ORG link : CVE-2024-7610
JSON object : View
Products Affected
gitlab
- gitlab
CWE