What Happened

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.0 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that could have allowed an authenticated user to cause denial of service on the CI/CD Catalog page due to improper sanitization.

Who Is Affected

Users of GitLab CE/EE versions from 17.0 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2.

Severity & Impact

The vulnerability has a CVSS score of 4.3, which corresponds to medium severity. The impact is a denial of service on the CI/CD Catalog page.

Mitigation

Users should update to versions 18.10.8, 18.11.5, or 19.0.2 or later to remediate the issue.
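
To check an inventory of instances against the affected ranges listed above, the following added example (not GitLab's own code) encodes those ranges and reports which fixed release applies. The function names, the inventory hostnames and the version strings are constructed for illustration.

```python
import re

# Affected ranges as stated in the advisory: (first affected, first fixed).
AFFECTED_RANGES = [
    ((17, 0, 0), (18, 10, 8)),
    ((18, 11, 0), (18, 11, 5)),
    ((19, 0, 0), (19, 0, 2)),
]


def parse_version(text):
    """Extract (major, minor, patch) from strings like '18.10.7-ee' or 'v18.11'."""
    m = re.match(r"\s*v?(\d+)\.(\d+)(?:\.(\d+))?", text)
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    # A missing patch component is treated as 0 (assumption).
    return tuple(int(p) if p else 0 for p in m.groups())


def fixed_release_for(text):
    """Return the fixed release closing the range this version falls in, else None."""
    v = parse_version(text)
    for first_affected, first_fixed in AFFECTED_RANGES:
        if first_affected <= v < first_fixed:
            return ".".join(str(n) for n in first_fixed)
    return None


def is_affected(text):
    return fixed_release_for(text) is not None


def triage(inventory):
    """Map each host to the fixed release it needs; unaffected hosts are omitted."""
    return {host: fix for host, ver in inventory.items()
            if (fix := fixed_release_for(ver)) is not None}


if __name__ == "__main__":
    # Constructed sample inventory (hostnames and versions are hypothetical).
    sample = {
        "gitlab-a.example.internal": "18.10.7-ee",
        "gitlab-b.example.internal": "18.11.5",
        "gitlab-c.example.internal": "19.0.1",
        "gitlab-d.example.internal": "16.11.10",
    }
    for host, fix in triage(sample).items():
        print(f"{host}: affected, update to {fix} or later")
```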