Security Advisory

CVE-2023-3909

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-11-06 12:08:45

Last updated 2025-11-20 04:08:28

Assigner GitLab

State PUBLISHED

Description

An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.3 before 16.3.6, all versions starting from 16.4 before 16.4.2, all versions starting from 16.5 before 16.5.1. A Regular Expression Denial of Service was possible by adding a large string in timeout input in gitlab-ci.yml file.

← Browse all CVEs View on cve.org ↗