CVE-2024-5469: Uncontrolled Resource Consumption in GitLab


Description

A denial-of-service (DoS) issue in KAS in GitLab CE/EE, affecting all versions from 16.10.0 prior to 16.10.6 and from 16.11.0 prior to 16.11.3, allows an attacker to crash KAS via crafted gRPC requests.

Classification

CVE ID: CVE-2024-5469

CVSS Base Severity: LOW

CVSS Base Score: 3.1

Affected Products

Vendor: GitLab

Product: GitLab

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.04% (probability of being exploited)

EPSS Percentile: 15.61% (share of scored vulnerabilities with an EPSS score less than or equal to this one)

EPSS Date: 2025-02-07 (date on which this score was calculated)

References

https://gitlab.com/gitlab-org/gitlab/-/issues/464143

Timeline