CVE-2022-0488

Summary

An issue has been discovered in GitLab CE/EE affecting all versions starting with version 8.10. It was possible to trigger a timeout on a page with markdown by using a specific amount of block-quotes.

Affected Software

VendorProductVersion RangeStatus
GitLabGitLab>=14.7, <14.7.1affected
GitLabGitLab>=14.6, <14.6.4affected
GitLabGitLab>=8.10, <14.5.4affected

Weaknesses

  • Uncontrolled resource consumption in GitLab

ADP Enrichment

CVE Program Container

Additional References

References