CVE-2023-3246 Allocation of Resources Without Limits or Throttling in GitLab

🗓️ 06 Nov 2023 12:01:43Reported by GitLabType

Uncontrolled Resource Consumption in GitLab, affecting versions before 16.3.6, 16.4.2, 16.5.

Reporter	Title	Published	Views	Family All 20
FreeBSD	Gitlab -- Vulnerabilities	31 Oct 202300:00	–	freebsd
Circl	CVE-2023-3246	6 Nov 202316:25	–	circl
CNNVD	GitLab Security Breach	1 Nov 202300:00	–	cnnvd
CVE	CVE-2023-3246	6 Nov 202312:01	–	cve
Debian CVE	CVE-2023-3246	6 Nov 202312:01	–	debiancve
EUVD	EUVD-2023-43922	3 Oct 202520:07	–	euvd
Tenable Nessus	FreeBSD : Gitlab -- Vulnerabilities (a612c25f-788a-11ee-8d57-001b217b3468)	1 Nov 202300:00	–	nessus
Tenable Nessus	GitLab 10.3 < 16.3.6 / 16.4.0 < 16.4.2 / 16.5.0 < 16.5.1 (CVE-2023-3246)	13 Nov 202300:00	–	nessus
Tenable Nessus	Linux Distros Unpatched Vulnerability : CVE-2023-3246	30 Aug 202500:00	–	nessus
NCSC	Vulnerabilities fixed in GitLab Enterprise Edition and Community Edition	2 Nov 202300:00	–	ncsc

[
  {
    "vendor": "GitLab",
    "product": "GitLab",
    "repo": "git://[email protected]:gitlab-org/gitlab.git",
    "cpes": [
      "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"
    ],
    "versions": [
      {
        "version": "10.3",
        "status": "affected",
        "lessThan": "16.3.6",
        "versionType": "semver"
      },
      {
        "version": "16.4.0",
        "status": "affected",
        "lessThan": "16.4.2",
        "versionType": "semver"
      },
      {
        "version": "16.5.0",
        "status": "affected",
        "lessThan": "16.5.1",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

Source	Link
gitlab	www.gitlab.com/gitlab-org/gitlab/-/issues/415371
hackerone	www.hackerone.com/reports/2014157

20 Nov 2025 04:07Current

5Medium risk

Vulners AI Score5

CVSS 3.14.3

EPSS0.00048

CWE-770