6 matches found
Denial Of Service (DoS)
GitLab is vulnerable to Denial of Service (DoS) attacks. This vulnerability occurs due to a flaw in the way that GitLab handles the API endpoints for querying repository branches. An attacker can exploit this vulnerability to retrieve a large number of branches, which can lead to a denial-of-servic...
CVE-2021-22210
An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.2. When querying the repository branches through API, GitLab was ignoring a query parameter and returning a considerable amount of results...
CVE-2021-22210
An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.2. When querying the repository branches through API, GitLab was ignoring a query parameter and returning a considerable amount of results...
CVE-2021-22210
Removed by vendor...
Gitlab -- Vulnerabilities
Gitlab reports: Read API scoped tokens can execute mutations; Pull mirror credentials were exposed; Denial of Service when querying repository branches API; Non-owners can set systemnotetimestamp when creating / updating issues; DeployToken will impersonate a User with the same ID when using Dependen...
PT-2021-4080 · Gitlab · Gitlab Ce/Ee +1
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 13.2 and later
Description: The issue is related to the GitLab platform ignoring a query parameter when working through the API, which can lead to a denial of service. When querying repository branches through the API,...