BIT-GITLAB-2025-8014 Allocation of Resources Without Limits or Throttling in GitLab

Denial of Service issue in GraphQL endpoints in Gitlab EE/CE affecting all versions from 11.10 prior to 18.2.7, 18.3 prior to 18.3.3, and 18.4 prior to 18.4.1 allows unauthenticated users to potentially bypass query complexity limits leading to resource exhaustion and service disruption...

CVE-2025-8014

Denial of Service issue in GraphQL endpoints in Gitlab EE/CE affecting all versions from 11.10 prior to 18.2.7, 18.3 prior to 18.3.3, and 18.4 prior to 18.4.1 allows unauthenticated users to potentially bypass query complexity limits leading to resource exhaustion and service disruption...

CVE-2025-8014 Allocation of Resources Without Limits or Throttling in GitLab

Denial of Service issue in GraphQL endpoints in Gitlab EE/CE affecting all versions from 11.10 prior to 18.2.7, 18.3 prior to 18.3.3, and 18.4 prior to 18.4.1 allows unauthenticated users to potentially bypass query complexity limits leading to resource exhaustion and service disruption...

CVE-2025-8014

CVE-2025-8014 affects GitLab CE/EE where unauthenticated users could bypass query complexity limits on GraphQL endpoints, potentially causing resource exhaustion and DoS. Affected versions include GitLab 11.10 up to 18.2.7, 18.3 up to 18.3.3, and 18.4 up to 18.4.1. The vulnerability stems from un...

PT-2025-39734

Name of the Vulnerable Software and Affected Versions GitLab EE/CE versions 11.10 through 18.2.7 GitLab EE/CE versions 18.3 through 18.3.3 GitLab EE/CE versions 18.4 through 18.4.1 Description A denial of service issue exists in GraphQL endpoints within GitLab EE/CE. This allows unauthenticated...

CVE-2025-32033

The Apollo Router Core is a configurable, high-performance graph router written in Rust to run a federated supergraph that uses Apollo Federation 2. Prior to 1.61.2 and 2.1.1, the operation limits plugin uses unsigned 32-bit integers to track limit counters e.g. for a query's height. If a counter...

SUSE SLES12 Security Update : bind (SUSE-SU-2020:1914-1)

This update for bind fixes the following issues : Amended documentation referring to rule types 'krb5-subdomain' and 'ms-subdomain'. This incorrect documentation could mislead operators into believing that policies they had configured were more restrictive than they actually were. CVE-2018-5741...

SUSE-SU-2020:1914-1 Security update for bind

This update for bind fixes the following issues: - Amended documentation referring to rule types 'krb5-subdomain' and 'ms-subdomain'. This incorrect documentation could mislead operators into believing that policies they had configured were more restrictive than they actually were. CVE-2018-5741 ...