vulnerability

FreeBSD: VID-cdb5338d-04ec-11ee-9c88-001b217b3468 (CVE-2023-0921): Gitlab -- Vulnerability

Try Surface Command

Back to search

Severity

CVSS

(AV:N/AC:L/Au:S/C:N/I:N/A:P)

Published

Jun 7, 2023

Added

Jun 7, 2023

Modified

Jun 15, 2026

Description

A lack of length validation in GitLab CE/EE affecting all versions from 8.3 before 15.10.8, 15.11 before 15.11.7, and 16.0 before 16.0.2 allows an authenticated attacker to create a large Issue description via GraphQL which, when repeatedly requested, saturates CPU usage.

Solution

freebsd-upgrade-package-gitlab-ce

References

CVE-2023-0921
https://attackerkb.com/topics/CVE-2023-0921
CWE-770
EUVD-EUVD-2023-12908
https://euvd.enisa.europa.eu/vulnerability/EUVD-2023-12908

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report