An issue was discovered in GitLab CE/EE affecting all versions starting from 9.2 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, with the processing logic for generating link in dependency files can lead to a regular expression DoS attack on the server
References
Link | Resource |
---|---|
https://gitlab.com/gitlab-org/gitlab/-/issues/441806 | Broken Link |
https://hackerone.com/reports/2370084 | Permissions Required |
https://gitlab.com/gitlab-org/gitlab/-/issues/441806 | Broken Link |
https://hackerone.com/reports/2370084 | Permissions Required |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 08:50
Type | Values Removed | Values Added |
---|---|---|
References | () https://gitlab.com/gitlab-org/gitlab/-/issues/441806 - Broken Link | |
References | () https://hackerone.com/reports/2370084 - Permissions Required |
30 Aug 2024, 14:15
Type | Values Removed | Values Added |
---|---|---|
CWE |
28 Jun 2024, 13:24
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:gitlab:gitlab:17.1.0:*:*:*:enterprise:*:*:* cpe:2.3:a:gitlab:gitlab:17.1.0:*:*:*:community:*:*:* cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:* cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:* |
|
First Time |
Gitlab gitlab
Gitlab |
|
References | () https://gitlab.com/gitlab-org/gitlab/-/issues/441806 - Broken Link | |
References | () https://hackerone.com/reports/2370084 - Permissions Required | |
CWE | CWE-1333 |
27 Jun 2024, 12:47
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
27 Jun 2024, 00:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-06-27 00:15
Updated : 2024-11-21 08:50
NVD link : CVE-2024-1493
Mitre link : CVE-2024-1493
CVE.ORG link : CVE-2024-1493
JSON object : View
Products Affected
gitlab
- gitlab
CWE
CWE-1333
Inefficient Regular Expression Complexity