Security Advisory

CVE-2022-1100

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-04-04 19:46:02

Last updated 2024-08-02 23:55:23

Assigner GitLab

State PUBLISHED

Description

A potential DOS vulnerability was discovered in GitLab CE/EE affecting all versions from 13.1 prior to 14.7.7, 14.8.0 prior to 14.8.5, and 14.9.0 prior to 14.9.2. The api to update an asset as a link from a release had a regex check which caused exponential number of backtracks for certain user supplied values resulting in high CPU usage.

← Browse all CVEs View on cve.org ↗