Regular expression denial of service vulnerability in GitLab CE/EE - CVE-2023-0632 (dpkg)
ID: oval:org.secpod.oval:def:91523 | Date: (C)2023-08-03 (M)2023-11-10
Class: VULNERABILITY | Family: unix
The host has GitLab CE/EE 15.2 before 16.0.8, 16.1 before 16.1.3, or 16.2 before 16.2.2 installed and is prone to a regular expression denial of service vulnerability. The application fails to properly handle crafted payloads used to search Harbor Registry. Successful exploitation could allow attackers to cause a regular expression denial of service.
Product:
gitlab-ce
gitlab-ee