216.73.217.98

CVE-2024-8973

· Published 09/05/2025 17:15 · Modified 09/05/2025 17:15

Labels: CVE-2024-8973 2025-05-09CVE-2024-8973CWE-770[email protected]

Essential information

Published
09/05/2025 17:15
Modified
09/05/2025 17:15
Author
Creator
CVSS
6.5 MEDIUM (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CVSS metrics

Description

An issue has been discovered in GitLab CE/EE affecting all versions starting from 17.1 prior to 17.9.8, from 17.10 prior to 17.10.6, and from 17.11 prior to 17.11.2. It was possible to cause a DoS condition via GitHub import requests using a malicious crafted payload.

NVD status

Status
Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
gitlab / gitlab ce cpe:2.3:a:gitlab:gitlab_ce:17.1-17.9.8:*:*:*:*:*:*:*
gitlab / gitlab ce cpe:2.3:a:gitlab:gitlab_ce:17.10.0-17.10.6:*:*:*:*:*:*:*
gitlab / gitlab ce cpe:2.3:a:gitlab:gitlab_ce:17.11.0-17.11.2:*:*:*:*:*:*:*
gitlab / gitlab ee cpe:2.3:a:gitlab:gitlab_ee:17.1-17.9.8:*:*:*:*:*:*:*
gitlab / gitlab ee cpe:2.3:a:gitlab:gitlab_ee:17.10.0-17.10.6:*:*:*:*:*:*:*
gitlab / gitlab ee cpe:2.3:a:gitlab:gitlab_ee:17.11.0-17.11.2:*:*:*:*:*:*:*

References