Uncontrolled CPU Consumption Vulnerability in GitLab CE/EE Could Lead to Denial of Service
CVE-2024-9367

Currently unrated

Key Information:

Vendor: GitLab
Status: Gitlab
Vendor: CVE Published:; 12 December 2024

What is CVE-2024-9367?

A vulnerability has been identified in GitLab CE/EE that affects versions 13.9 through to 17.4.6, 17.5 prior to 17.5.4, and 17.6 before 17.6.2. This vulnerability allows attackers to exploit the template parsing functionality, leading to uncontrolled CPU consumption. As a result, this may trigger a Denial of Service condition, severely impacting the availability of the service. Administrators are advised to review their systems for these specific versions and implement necessary updates or mitigations to prevent exploitation.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://gitlab.com/gitlab-org/gitlab/-/issues/496631

https://hackerone.com/reports/2735311

Timeline

Vulnerability published
Dec 12, 2024

JSON

GitLab

What is CVE-2024-9367?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.