Medium severity4.3NVD Advisory· Published Apr 12, 2024· Updated Jun 17, 2026
CVE-2023-6678
CVE-2023-6678
Description
An issue has been discovered in GitLab EE affecting all versions before 16.8.6, all versions starting from 16.9 before 16.9.4, all versions starting from 16.10 before 16.10.2. It was possible for an attacker to cause a denial of service using malicious crafted content in a junit test report file.
Affected products
3- Range: <16.8.6, 16.9<16.9.4, 16.10<16.10.2
Patches
Vulnerability mechanics
References
2- gitlab.com/gitlab-org/gitlab/-/issues/434689nvdBroken Link
- hackerone.com/reports/2268037nvdPermissions Required
News mentions
1- GitLab Patch Release: 16.10.2, 16.9.4, 16.8.6GitLab Security Releases · Apr 10, 2024