CVE-2023-6502

Name of the Vulnerable Software and Affected Versions GitLab CE/EE versions prior to 16.10.6 GitLab CE/EE version 16.11 prior to 16.11.3 GitLab CE/EE version 17.0 prior to 17.0.1

Description A Denial of Service (DoS) condition has been discovered in GitLab CE/EE. It is possible for an attacker to cause a denial of service using a crafted wiki page. The issue is related to uncontrolled resource consumption, which can be exploited by a remote attacker to cause a denial of service.

Recommendations For GitLab CE/EE versions prior to 16.10.6, update to version 16.10.6 or later. For GitLab CE/EE version 16.11 prior to 16.11.3, update to version 16.11.3 or later. For GitLab CE/EE version 17.0 prior to 17.0.1, update to version 17.0.1 or later. As a temporary workaround, consider restricting access to crafted wiki pages to minimize the risk of exploitation.