ubuntucve | Ubuntu.com | UB:CVE-2024-4557
History | Jun 27, 2024 - 12:00 a.m.

CVE-2024-4557

2024-06-27 00:00:00
ubuntu.com
gitlab
dos vulnerability
resource exhaustion

CVSS3: 6.5

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score: 6.8
Confidence: Low

Multiple Denial of Service (DoS) conditions have been discovered in GitLab
CE/EE affecting all versions starting from 1.0 prior to 16.11.5, starting
from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, which
allowed an attacker to cause resource exhaustion via the banzai pipeline.
