PT-2025-11146 · Gitlab · Gitlab Ce/Ee

Publicado

2025-03-12

·

Atualizado

2025-03-15

·

CVE-2024-13054

CVSS v2.0

6.8

Média

VetorAV:N/AC:L/Au:S/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions prior to 17.7.7 GitLab CE/EE version 17.8 prior to 17.8.5 GitLab CE/EE version 17.9 prior to 17.9.2
Description: An issue was discovered in GitLab CE/EE where a denial of service vulnerability could allow an attacker to cause a system reboot under certain conditions.
Recommendations: For GitLab CE/EE versions prior to 17.7.7, update to version 17.7.7 or later. For GitLab CE/EE version 17.8 prior to 17.8.5, update to version 17.8.5 or later. For GitLab CE/EE version 17.9 prior to 17.9.2, update to version 17.9.2 or later.

Exploit

Correção

DoS

Allocation of Resources Without Limits

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-770

Identificadores relacionados

BDU:2025-03646
BIT-GITLAB-2024-13054
CVE-2024-13054

Produtos afetados

Gitlab Ce/Ee