BIT-gitlab-2023-6159

Import Source
https://github.com/bitnami/vulndb/tree/main/data/gitlab/BIT-gitlab-2023-6159.json
Aliases
Published
2024-02-01T07:18:39.558Z
Modified
2024-02-01T08:11:46.557612Z
Details

An issue has been discovered in GitLab CE/EE affecting all versions from 12.7 prior to 16.6.6, 16.7 prior to 16.7.4, and 16.8 prior to 16.8.1 It was possible for an attacker to trigger a Regular Expression Denial of Service via a Cargo.toml containing maliciously crafted input.

References

Affected packages

Bitnami / gitlab

Package

Name
gitlab

Affected ranges

Type
SEMVER
Events
Introduced
12.7.0
Fixed
16.6.6
Introduced
16.7.0
Fixed
16.7.4
Type
SEMVER
Events
Introduced
16.8.0
Last affected
16.8.0