First published: Thu Aug 08 2024(Updated: )
A Denial of Service (DoS) condition has been discovered in GitLab CE/EE affecting all versions starting with 15.9 before 17.0.6, 17.1 prior to 17.1.4, and 17.2 prior to 17.2.2. It is possible for an attacker to cause catastrophic backtracking while parsing results from Elasticsearch.
Credit: cve@gitlab.com
Affected Software | Affected Version | How to fix |
---|---|---|
GitLab GitLab | >=15.9.0<17.0.6 | |
GitLab GitLab | >=15.9.0<17.0.6 | |
GitLab GitLab | >=17.1.0<17.1.4 | |
GitLab GitLab | >=17.1.0<17.1.4 |
Upgrade to versions 17.2.2, 17.1.4, 17.0.6 or above.
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.