CVE-2021-22177

Potential DoS was identified in gitlab-shell in GitLab CE/EE version 12.6.0 or above, which allows an attacker to spike the server resource utilization via gitlab-shell command...

CVE-2024-34079

octo-sts is a GitHub App that acts like a Security Token Service STS for the Github API. This vulnerability can spike the resource utilization of the STS service, and combined with a significant traffic volume could potentially lead to a denial of service. This vulnerability is fixed in 0.1.0...

octo-sts vulnerable to unauthenticated attacker causing unbounded CPU and memory usage

Impact This vulnerability can spike the resource utilization of the STS service, and combined with a significant traffic volume could potentially lead to a denial of service. Patches This vulnerability existed in the repository at HEAD, we will cut a 0.1.0 release with the fix. Workarounds None...

BIT-GITLAB-2023-6489 Inefficient Regular Expression Complexity in GitLab

A denial of service vulnerability was identified in GitLab CE/EE, versions 16.7.7 prior to 16.8.6, 16.9 prior to 16.9.4 and 16.10 prior to 16.10.2 which allows an attacker to spike the GitLab instance resources usage resulting in service degradation via chat integration feature...

CVE-2023-6489

CVE-2023-6489 affects GitLab CE/EE: vulnerable in GitLab versions 16.7.7 before 16.8.6, 16.9 before 16.9.4, and 16.10 before 16.10.2. The issue allows a denial-of-service by spiking resource usage via the chat integration feature. The root cause is described in OSV entries as inefficient regular ...

UBUNTU-CVE-2021-22177

Potential DoS was identified in gitlab-shell in GitLab CE/EE version 12.6.0 or above, which allows an attacker to spike the server resource utilization via gitlab-shell command...

Command injection

Potential DoS was identified in gitlab-shell in GitLab CE/EE version 12.6.0 or above, which allows an attacker to spike the server resource utilization via gitlab-shell command...