GitLab · GitLab CE/EE · CVE-2024-1066
**Name of the Vulnerable Software and Affected Versions**
GitLab EE versions 13.3.0 through 16.6.7
GitLab EE versions 16.7 through 16.7.5
GitLab EE versions 16.8 through 16.8.2
**Description**
This is an uncontrolled resource consumption issue in GitLab EE that a remote attacker can exploit to cause a denial of service. The vector is the GraphQL `vulnerabilitiesCountByDay` endpoint.
**Recommendations**
For GitLab EE versions 13.3.0 through 16.6.7, update to a version after 16.6.7.
For GitLab EE versions 16.7 through 16.7.5, update to a version after 16.7.5.
For GitLab EE versions 16.8 through 16.8.2, update to a version after 16.8.2.
As a temporary workaround, consider restricting access to the GraphQL `vulnerabilitiesCountByDay` endpoint to minimize the risk of exploitation.
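As an added example (not part of the advisory), the following Python checks whether a reported GitLab EE version falls inside the affected ranges listed above and which release it needs to move past; the ranges and thresholds are taken from the advisory, the function names are my own, and version strings with an edition suffix such as `-ee` (the form returned by GitLab's `/api/v4/version` endpoint) are accepted.

```python
# Added example, not from the advisory: map a GitLab EE version string to the
# CVE-2024-1066 affected ranges stated above and to the matching remediation.
from typing import List, Tuple

# Affected ranges exactly as the advisory lists them, inclusive on both ends.
# "16.7" and "16.8" are the range starts, i.e. 16.7.0 and 16.8.0.
AFFECTED_RANGES: List[Tuple[str, str]] = [
    ("13.3.0", "16.6.7"),
    ("16.7.0", "16.7.5"),
    ("16.8.0", "16.8.2"),
]


def parse_version(version: str) -> Tuple[int, int, int]:
    """Turn '16.7', '16.7.5' or '16.7.5-ee' into a comparable 3-tuple."""
    core = version.strip().split("-", 1)[0]  # drop an edition suffix such as '-ee'
    parts = [int(p) for p in core.split(".")]
    if not 1 <= len(parts) <= 3:
        raise ValueError(f"unexpected version format: {version!r}")
    parts += [0] * (3 - len(parts))  # pad '16.7' to 16.7.0
    return parts[0], parts[1], parts[2]


def affected_range(version: str):
    """Return the (low, high) affected range containing the version, or None."""
    v = parse_version(version)
    for low, high in AFFECTED_RANGES:
        if parse_version(low) <= v <= parse_version(high):
            return low, high
    return None


def is_affected(version: str) -> bool:
    """True if the version lies inside any CVE-2024-1066 affected range."""
    return affected_range(version) is not None


def recommended_action(version: str) -> str:
    """Remediation text in the advisory's own terms for the given version."""
    hit = affected_range(version)
    if hit is None:
        return "not affected"
    return f"update to a version after {hit[1]}"


if __name__ == "__main__":
    for sample in ("16.6.7-ee", "16.7", "16.8.3-ee"):  # constructed inputs
        print(sample, "->", recommended_action(sample))
```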