216.73.217.98

CVE-2024-8041

· Published 22/08/2024 16:15 · Modified 11/09/2024 16:54

Labels: CVE-2024-8041 2024-08-22CVE-2024-8041CWE-400NVD-CWE-noinfo[email protected]

Essential information

Published
22/08/2024 16:15
Modified
11/09/2024 16:54
Author
Creator
CVSS
6.5 MEDIUM (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CVSS metrics

Description

A Denial of Service (DoS) issue has been discovered in GitLab CE/EE affecting all versions prior to 17.1.6, 17.2 prior to 17.2.4, and 17.3 prior to 17.3.1. A denial of service could occur upon importing a maliciously crafted repository using the GitHub importer.

NVD status

Status
Analyzed — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
gitlab / gitlab cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*
gitlab / gitlab cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*
gitlab / gitlab cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*
gitlab / gitlab cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*
gitlab / gitlab cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*
gitlab / gitlab cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*

References