GitLab CE/EE Vulnerability: Branch Creation CPU Exhaustion

GitLab CE/EE Vulnerability: Branch Creation CPU Exhaustion

CVE-2022-3639 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

A potential DOS vulnerability was discovered in GitLab CE/EE affecting all versions from 10.8 before 15.1.6, all versions starting from 15.2 before 15.2.4, all versions starting from 15.3 before 15.3.2. Improper data handling on branch creation could have been used to trigger high CPU usage.

Learn more about our Web Application Penetration Testing UK.