GitLab Multiple Vulnerabilities
Release Date: 12 Aug 2024
RISK: Medium Risk
TYPE: Servers - Other Servers
Multiple vulnerabilities were identified in GitLab. A remote attacker could exploit some of these vulnerabilities to trigger elevation of privilege, security restriction bypass, cross-site scripting, denial of service and information disclosure on the targeted system.
Impact
- Elevation of Privilege
- Security Restriction Bypass
- Cross-Site Scripting
- Denial of Service
- Information Disclosure
System / Technologies affected
- GitLab Community Edition (CE) versions prior to 17.2.2, 17.1.4 and 17.0.6
- GitLab Enterprise Edition (EE) versions prior to 17.2.2, 17.1.4 and 17.0.6
Solutions
Before installation of the software, please visit the vendor web-site for more details.
Apply fixes issued by the vendor:
Vulnerability Identifier
- CVE-2024-2800
- CVE-2024-3035
- CVE-2024-3114
- CVE-2024-3958
- CVE-2024-4207
- CVE-2024-4210
- CVE-2024-4784
- CVE-2024-5423
- CVE-2024-6329
- CVE-2024-6356
- CVE-2024-7586
沒有留言:
發佈留言