Unrated severityNVD Advisory· Published Jun 14, 2024· Updated Jan 9, 2025
Uncontrolled Resource Consumption in GitLab
CVE-2024-5469
Description
DoS in KAS in GitLab CE/EE affecting all versions from 16.10.0 prior to 16.10.6 and 16.11.0 prior to 16.11.3 allows an attacker to crash KAS via crafted gRPC requests.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*range: 16.10.0
- (no CPE)range: >=16.10.0, <16.10.6 || >=16.11.0, <16.11.3
Patches
Vulnerability mechanics
References
1- gitlab.com/gitlab-org/gitlab/-/issues/464143mitreissue-trackingpermissions-required
News mentions
1- GitLab Patch Release: 17.0.2, 16.11.4, 16.10.7GitLab Security Releases · Jun 12, 2024