GitLab Multiple Vulnerabilities
Release Date: 28 Jun 2024
RISK: Medium Risk
TYPE: Servers - Other Servers
Multiple vulnerabilities were identified in GitLab. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, elevation of privilege, remote code execution, sensitive information disclosure, data manipulation, cross-site scripting and security restriction bypass on the targeted system.
Impact
- Remote Code Execution
- Denial of Service
- Information Disclosure
- Elevation of Privilege
- Security Restriction Bypass
- Data Manipulation
- Cross-Site Scripting
System / Technologies affected
- GitLab Community Edition (CE) versions prior to 17.1.1, 17.0.3, and 16.11.5
- GitLab Enterprise Edition (EE) versions prior to 17.1.1, 17.0.3, and 16.11.5
Solutions
Before installation of the software, please visit the vendor web-site for more details.
Apply fixes issued by the vendor:
Vulnerability Identifier
- CVE-2024-1493
- CVE-2024-1816
- CVE-2024-2177
- CVE-2024-2191
- CVE-2024-3115
- CVE-2024-3959
- CVE-2024-4011
- CVE-2024-4025
- CVE-2024-4557
- CVE-2024-4901
- CVE-2024-4994
- CVE-2024-5430
- CVE-2024-5655
- CVE-2024-6323
沒有留言:
發佈留言