CVE-2024-11828

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Nov 26, 2024
Updated: Dec 12, 2024
CWE ID 407

Summary

CVE-2024-11828 is a newly disclosed denial of service (DoS) vulnerability in GitLab CE/EE. Affected versions include those from 13.2.4 to 17.4.5 for the CE series, and 17.5 to 17.5.3 for the EE series, as well as versions 17.6 before 17.6.1. By exploiting this issue, an attacker can trigger a DoS condition through specially crafted API calls. This vulnerability represents a regression of an earlier patch.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share