BIT-gitlab-2023-6678

Import Source

https://github.com/bitnami/vulndb/tree/main/data/gitlab/BIT-gitlab-2023-6678.json

Aliases

CVE-2023-6678

Published

2024-04-16T07:22:40.787Z

Modified

2024-04-16T08:11:55.741813Z

Details

An issue has been discovered in GitLab EE affecting all versions before 16.8.6, all versions starting from 16.9 before 16.9.4, all versions starting from 16.10 before 16.10.2. It was possible for an attacker to cause a denial of service using malicious crafted content in a junit test report file.

References

https://gitlab.com/gitlab-org/gitlab/-/issues/434689
https://hackerone.com/reports/2268037

Affected packages

Bitnami / gitlab

Package

Name: gitlab

Affected ranges

Type: SEMVER
Events: Introduced

0.0.0

Fixed

16.8.6

Introduced

16.9.0

Fixed

16.9.4

Introduced

16.10.0

Fixed

16.10.2