CVE-2024-5469

LOW

Gitlab < 16.10.6 - Improper Condition Check

Title source: rule

Description

DoS in KAS in GitLab CE/EE affecting all versions from 16.10.0 prior to 16.10.6 and 16.11.0 prior to 16.11.3 allows an attacker to crash KAS via crafted gRPC requests.

References (1)

[Vendor Advisory] https://gitlab.com/gitlab-org/gitlab/-/issues/464143

Scores

CVSS v3 3.1

EPSS 0.0012

EPSS Percentile 30.1%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L

Classification

CWE

CWE-754

Status published

Affected Products (1)

gitlab/gitlab < 16.10.6

Timeline

Published Jun 14, 2024

Tracked Since Feb 18, 2026