CVE-2024-4557

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2024-4557
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-4557.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-4557
Aliases
Related
Published
2024-06-27T00:15:11Z
Modified
2025-01-08T10:06:30.837726Z
Severity
  • 6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

Multiple Denial of Service (DoS) conditions has been discovered in GitLab CE/EE affecting all versions starting from 1.0 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1 which allowed an attacker to cause resource exhaustion via banzai pipeline.

References

Affected packages

Git / gitlab.com/gitlab-org/gitlab

Affected ranges

Type
GIT
Repo
https://gitlab.com/gitlab-org/gitlab
Events
Introduced
8c75d0bf4a4190d94326f1a854d0a102ceca4392
Fixed
bb522e4e0a729ff96a77a38b40c7e638654d7b95

Affected versions

v17.*

v17.0.0-ee
v17.0.1-ee
v17.0.1-rc42-ee
v17.0.2-ee