An issue was discovered in GitLab CE/EE affecting all versions starting from 11.10 prior to 17.0.6, 17.1 prior to 17.1.4, and 17.2 prior to 17.2.2, with the processing logic for parsing invalid commits can lead to a regular expression DoS attack on the server.

Related CVEs

CVE-2024-3114

Key Information

GHSA ID

GHSA-m99q-r6r6-wxx3

Published

August 8, 2024 12:30 PM

Last Modified

August 8, 2024 12:30 PM

CVSS Score

5.0 /10

Primary Ecosystem

Unknown

Primary Package

Unknown

GitHub Reviewed

✗ No

Dataset

Last updated: June 15, 2025 6:24 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.