Security Advisory

CVE-2022-2592

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-10-17 00:00:00

Last updated 2025-05-13 19:16:27

Assigner GitLab

State PUBLISHED

Description

A lack of length validation in Snippet descriptions in GitLab CE/EE affecting all versions prior to 15.1.6, 15.2 prior to 15.2.4 and 15.3 prior to 15.3.2 allows an authenticated attacker to create a maliciously large Snippet which when requested with or without authentication places excessive load on the server, potential leading to Denial of Service.

← Browse all CVEs View on cve.org ↗