CVE-2024-8041

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Aug 22, 2024
Updated: Aug 23, 2024
CWE ID 400

Summary

CVE-2024-8041 is a denial-of-service (DoS) vulnerability affecting GitLab Community Edition (CE) and Enterprise Edition (EE) in all versions prior to 17.1.6, 17.2 before 17.2.4, and 17.3 before 17.3.1. It can be triggered when a maliciously crafted repository is imported using the GitHub importer, with a potentially high impact on availability for organizations running these GitLab versions. To remediate this issue, upgrade to the patched versions released by GitLab. The vulnerability is rated medium severity with an exploitability score of 2.8; exploitation requires low privileges and no user interaction. Successful exploitation could render affected systems non-functional, posing a significant risk to operational continuity for organizations relying on GitLab services.
