Lucene search
HistoryFeb 07, 2024 - 10:15 p.m.
CVE-2024-1066
gitlab
ee
vulnerability
resource exhaustion
issue
graphql
cve-2024-1066
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS
0
Percentile
13.3%
An issue has been discovered in GitLab EE affecting all versions from 13.3.0 prior to 16.6.7, 16.7 prior to 16.7.5, and 16.8 prior to 16.8.2 which allows an attacker to do a resource exhaustion using GraphQL vulnerabilitiesCountByDay
Affected configurations
Node
gitlabgitlabRange13.3.0–16.6.7
ORgitlabgitlabRange16.7.0–16.7.5
ORgitlabgitlabRange16.8.0–16.8.2
Related
cvelist
cvelist
CVE-2024-1066 Uncontrolled Resource Consumption in GitLab
2024-02-07 22:02:11
debiancve
debiancve
CVE-2024-1066
2024-02-07 22:15:09
osv
osv
BIT-gitlab-2024-1066
2024-03-06 10:52:51
CVE-2024-1066
2024-02-07 22:15:09
nessus
nessus
GitLab 13.3.3 < 16.6.7 / 16.7 < 16.7.5 / 16.8 < 16.8.2 (CVE-2024-1066)
2024-02-07 00:00:00
FreeBSD : Gitlab -- vulnerabilities (6b2cba6a-c6a5-11ee-97d0-001b217b3468)
2024-02-09 00:00:00
prion
prion
Design/Logic Flaw
2024-02-07 22:15:00
cve
cve
CVE-2024-1066
2024-02-07 22:15:09
ubuntucve
ubuntucve
CVE-2024-1066
2024-02-07 00:00:00
vulnrichment
vulnrichment
CVE-2024-1066 Uncontrolled Resource Consumption in GitLab
2024-02-07 22:02:11
freebsd
freebsd
Gitlab -- vulnerabilities
2024-02-07 00:00:00
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS
0
Percentile
13.3%
Related for NVD:CVE-2024-1066