CVE-2023-3364 — Vulnetix

Try Vulnetix Request Demo

CVE-2023-3364 PUBLISHED

An issue has been discovered in GitLab CE/EE affecting all versions starting from 8.14 before 16.0.8, all versions starting from 16.1 before 16.1.3, all versions starting from 16.2 before 16.2.2. A Regular Expression Denial of Service was possible via sending crafted payloads which use AutolinkFilter to the preview_markdown endpoint.

EPSS 4.71% · 89.3th percentile

Risk Scores

EPSS Score

4.71%

89.3th percentile

Affected Products

Vendor	Product	Versions
Bitnami	gitlab	8.14.0, 16.1.0, 16.2.0
Bitnami	gitlab	8.14.0, 16.1.0, 16.2.0

Timeline

Aug 1, 2023 CVE Published
Aug 2, 2023 EPSS Score
Aug 2, 2023 CVE Updated
Mar 18, 2025 EPSS Score
Mar 28, 2025 EPSS Score
Mar 30, 2025 EPSS Score
Apr 13, 2025 EPSS Score
Apr 14, 2025 EPSS Score
Apr 15, 2025 EPSS Score
Apr 30, 2025 EPSS Score
May 1, 2025 EPSS Score
Jun 1, 2025 EPSS Score

References

Open in Interactive Console →