CVE-2024-8041

Published

Last updated

NVD

https://nvd.nist.gov/vuln/detail/CVE-2024-8041

Severity

Unknown

Description

A Denial of Service (DoS) issue has been discovered in GitLab CE/EE affecting all versions prior to 17.1.6, 17.2 prior to 17.2.4, and 17.3 prior to 17.3.1. A denial of service could occur upon importing a maliciously crafted repository using the GitHub importer.

References

https://images.chainguard.dev/security/CGA-893m-7372-qh3x
https://github.com/advisories/GHSA-qvhh-qrj8-5g7c
https://images.chainguard.dev/security/CGA-m958-8vmw-whxf
https://images.chainguard.dev/security/CGA-78hf-5j6v-55cf
https://images.chainguard.dev/security/CGA-fm53-p2mp-735c
https://images.chainguard.dev/security/CGA-86jf-7x58-q9cf
https://images.chainguard.dev/security/CGA-2599-mqxh-xmc2
https://images.chainguard.dev/security/CGA-784g-8496-3ppv
https://images.chainguard.dev/security/CGA-w728-6x6v-7x6v
https://images.chainguard.dev/security/CGA-7cjf-rxrv-h9wx
https://images.chainguard.dev/security/CGA-xq33-jhch-r38v
https://images.chainguard.dev/security/CGA-8c45-382h-97vm
https://images.chainguard.dev/security/CGA-58pq-wx6w-4hjx
https://images.chainguard.dev/security/CGA-p7xg-x566-fmcx
https://gitlab.com/gitlab-org/gitlab/-/issues/463092
https://hackerone.com/reports/2499070

Affected packages

Advisories are based on vulnerability information provided by Grype from Anchore. Learn how Chainguard creates security advisories.

Safe Source for Open Source™

Media Kit Contact Us

Private Policy

CVE-2024-8041

Severity

Description

References

Affected packages

Products

Why Chainguard

Customers

Company

Resources