Multiple Denial of Service (DoS) conditions has been discovered in GitLab CE/EE affecting all versions starting from 1.0 prior to 17.0.6, starting from 17.1 prior to 17.1.4, and starting from 17.2 prior to 17.2.2 which allowed an attacker to cause resource exhaustion via banzai pipeline.
References
Link | Resource |
---|---|
https://gitlab.com/gitlab-org/gitlab/-/issues/463807 | Broken Link |
https://hackerone.com/reports/2518563 | Permissions Required |
Configurations
Configuration 1 (hide)
|
History
29 Aug 2024, 15:41
Type | Values Removed | Values Added |
---|---|---|
First Time |
Gitlab
Gitlab gitlab |
|
CWE | NVD-CWE-noinfo | |
References | () https://gitlab.com/gitlab-org/gitlab/-/issues/463807 - Broken Link | |
References | () https://hackerone.com/reports/2518563 - Permissions Required | |
CPE | cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:* cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:* |
08 Aug 2024, 13:04
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
08 Aug 2024, 11:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-08-08 11:15
Updated : 2024-08-29 15:41
NVD link : CVE-2024-5423
Mitre link : CVE-2024-5423
CVE.ORG link : CVE-2024-5423
JSON object : View
Products Affected
gitlab
- gitlab
CWE