CVE-2024-8041

A Denial of Service (DoS) issue has been discovered in GitLab CE/EE affecting all versions prior to 17.1.6, 17.2 prior to 17.2.4, and 17.3 prior to 17.3.1. A denial of service could occur upon importing a maliciously crafted repository using the GitHub importer.
References
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*
cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*
cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*
cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*
cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*

History

11 Sep 2024, 16:54

Type Values Removed Values Added
CPE cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*
cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*
First Time Gitlab
Gitlab gitlab
CWE NVD-CWE-noinfo
References () https://gitlab.com/gitlab-org/gitlab/-/issues/463092 - () https://gitlab.com/gitlab-org/gitlab/-/issues/463092 - Broken Link
References () https://hackerone.com/reports/2499070 - () https://hackerone.com/reports/2499070 - Permissions Required

23 Aug 2024, 16:18

Type Values Removed Values Added
Summary
  • (es) Se descubrió un problema de denegación de servicio (DoS) en GitLab CE/EE que afecta a todas las versiones anteriores a 17.1.6, 17.2 anterior a 17.2.4 y 17.3 anterior a 17.3.1. Podría ocurrir una denegación de servicio al importar un repositorio creado con fines malintencionados mediante el importador de GitHub.

22 Aug 2024, 16:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-08-22 16:15

Updated : 2024-09-11 16:54


NVD link : CVE-2024-8041

Mitre link : CVE-2024-8041

CVE.ORG link : CVE-2024-8041


JSON object : View

Products Affected

gitlab

  • gitlab
CWE
NVD-CWE-noinfo CWE-400

Uncontrolled Resource Consumption