CVE-2024-5469

Published: Jun 14, 2024Modified: Nov 21, 2024

4.3

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

Exploitability: 2.8 / Impact: 1.4

Source: NVD

Description

DoS in KAS in GitLab CE/EE affecting all versions from 16.10.0 prior to 16.10.6 and 16.11.0 prior to 16.11.3 allows an attacker to crash KAS via crafted gRPC requests.

Affected (2)

Products: Gitlab: Gitlab

Gitlab

1 product

Gitlab

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Gitlab Gitlab	From 16.10.0 to 16.10.6
Gitlab Gitlab	From 16.11.0 to 16.11.3

Related CWEs

CWE-754

Improper Check for Unusual or Exceptional Conditions

The product does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the product.

References (2)

https://gitlab.com/gitlab-org/gitlab/-/issues/464143

Source: cve@gitlab.com

Vendor Advisory

https://gitlab.com/gitlab-org/gitlab/-/issues/464143

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.