First published: Thu Mar 13 2025(Updated: )
An issue was discovered in GitLab CE/EE affecting all versions before 17.7.7, 17.8 prior to 17.8.5, and 17.9 prior to 17.9.2. where a denial of service vulnerability could allow an attacker to cause a system reboot under certain conditions.
Credit: cve@gitlab.com
Affected Software | Affected Version | How to fix |
---|---|---|
GitLab | <17.7.7 | |
GitLab Enterprise Edition | <17.7.7 | |
GitLab Enterprise Edition | >17.8<17.8.5 | |
GitLab Enterprise Edition | >17.9<17.9.2 |
Upgrade to version 17.9.2, 17.8.5, 17.7.7
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2024-13054 is classified as a denial of service vulnerability that can potentially cause a system reboot.
To resolve CVE-2024-13054, upgrade to GitLab CE/EE versions 17.7.7, 17.8.5, or 17.9.2 and above.
CVE-2024-13054 affects all GitLab CE/EE versions prior to 17.7.7, 17.8 before 17.8.5, and 17.9 before 17.9.2.
CVE-2024-13054 allows an attacker to exploit the vulnerability to trigger a denial of service that may lead to system reboot.
Yes, CVE-2024-13054 impacts both GitLab CE and GitLab EE versions within the specified vulnerabilities.