CVE-2024-11828
CVSS 3.1 Score 7.5 of 10 (high)
Details
Published Nov 26, 2024
Updated: Dec 12, 2024
CWE ID 407
Summary
CVE-2024-11828 is a newly disclosed denial of service (DoS) vulnerability in GitLab CE/EE. Affected versions include those from 13.2.4 to 17.4.5 for the CE series, and 17.5 to 17.5.3 for the EE series, as well as versions 17.6 before 17.6.1. By exploiting this issue, an attacker can trigger a DoS condition through specially crafted API calls. This vulnerability represents a regression of an earlier patch.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- GitLab
Affected Vendors
- GitLab Inc.