An issue was discovered in GitLab CE/EE affecting all versions starting from 13.9 before 17.4.6, 17.5 before 17.5.4, and 17.6 before 17.6.2, that allows an attacker to cause uncontrolled CPU consumption, potentially leading to a Denial of Service (DoS) condition while parsing templates to generate changelogs.

Related CVEs

CVE-2024-9367

Key Information

GHSA ID

GHSA-hwhg-29fx-c3jc

Published

December 12, 2024 12:31 PM

Last Modified

December 12, 2024 12:31 PM

CVSS Score

5.0 /10

Primary Ecosystem

Unknown

Primary Package

Unknown

GitHub Reviewed

✗ No

Dataset

Last updated: June 15, 2025 6:24 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.