GitLab Multiple Vulnerabilities
Release Date: 13 Sep 2024
RISK: Medium Risk
TYPE: Servers - Other Servers
Multiple vulnerabilities were identified in GitLab. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, elevation of privilege, spoofing, remote code execution, sensitive information disclosure and security restriction bypass on the targeted system.
Impact
- Remote Code Execution
- Denial of Service
- Elevation of Privilege
- Security Restriction Bypass
- Information Disclosure
- Spoofing
System / Technologies affected
- GitLab Community Edition (CE) versions prior to 17.3.2, 17.2.5 and 17.1.7
- GitLab Enterprise Edition (EE) versions prior to 17.3.2, 17.2.5 and 17.1.7
Solutions
Before installation of the software, please visit the vendor web-site for more details.
Apply fixes issued by the vendor:
Vulnerability Identifier
- CVE-2024-2743
- CVE-2024-4283
- CVE-2024-4472
- CVE-2024-4612
- CVE-2024-4660
- CVE-2024-5435
- CVE-2024-6389
- CVE-2024-6446
- CVE-2024-6678
- CVE-2024-6685
- CVE-2024-8124
- CVE-2024-8311
- CVE-2024-8631
- CVE-2024-8635
- CVE-2024-8640
- CVE-2024-8641
沒有留言:
發佈留言