|
1941
|
6.5 |
MEDIUM
Network
|
gitlab
|
gitlab
|
A server-side request forgery issue has been discovered in GitLab EE affecting all versions starting from 16.8 prior to 17.1.7, from 17.2 prior to 17.2.5, and from 17.3 prior to 17.3.2. It was possib…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2024-8635
|
2024-09-15 00:24 |
2024-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1942
|
7.2 |
HIGH
Network
|
gitlab
|
gitlab
|
A privilege escalation issue has been discovered in GitLab EE affecting all versions starting from 16.6 prior to 17.1.7, from 17.2 prior to 17.2.5, and from 17.3 prior to 17.3.2. A user assigned the …
|
NVD-CWE-noinfo
|
CVE-2024-8631
|
2024-09-15 00:22 |
2024-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1943
|
3.5 |
LOW
Network
|
gitlab
|
gitlab
|
An issue has been discovered in GitLab affecting all versions starting from 17.1 to 17.1.7, 17.2 prior to 17.2.5 and 17.3 prior to 17.3.2. A crafted URL could be used to trick a victim to trust an at…
|
NVD-CWE-noinfo
|
CVE-2024-6446
|
2024-09-15 00:17 |
2024-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1944
|
4.3 |
MEDIUM
Network
|
gitlab
|
gitlab
|
An issue was discovered in GitLab-CE/EE affecting all versions starting with 17.0 before 17.1.7, 17.2 before 17.2.5, and 17.3 before 17.3.2. An attacker as a guest user was able to access commit info…
|
NVD-CWE-noinfo
|
CVE-2024-6389
|
2024-09-15 00:10 |
2024-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1945
|
6.5 |
MEDIUM
Network
|
gitlab
|
gitlab
|
An issue has been discovered discovered in GitLab EE/CE affecting all versions starting from 15.10 before 17.1.7, all versions starting from 17.2 before 17.2.5, all versions starting from 17.3 before…
|
CWE-209
Information Exposure Through an Error Message
|
CVE-2024-5435
|
2024-09-15 00:05 |
2024-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1946
|
7.5 |
HIGH
Network
gitlab
|
gitlab
|
An issue has been discovered in GitLab EE affecting all versions starting from 11.2 before 17.1.7, all versions starting from 17.2 before 17.2.5, all versions starting from 17.3 before 17.3.2. It was…
|
NVD-CWE-noinfo
|
CVE-2024-4660
|
2024-09-14 23:57 |
2024-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
1947
|
6.1 |
MEDIUM
Network
|
gitlab
|
gitlab
|
An issue has been discovered in GitLab EE affecting all versions starting from 12.9 before 17.1.7, 17.2 before 17.2.5, and 17.3 before 17.3.2. Under certain conditions an open redirect vulnerability …
|
CWE-601
Open Redirect
|
CVE-2024-4612
|
2024-09-14 23:48 |
2024-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1948
|
9.1 |
CRITICAL
Network
gitlab
|
gitlab
|
An issue was discovered in GitLab-EE starting with version 13.3 before 17.1.7, 17.2 before 17.2.5, and 17.3 before 17.3.2 that would allow an attacker to modify an on-demand DAST scan without permiss…
|
CWE-863
Incorrect Authorization
|
CVE-2024-2743
|
2024-09-14 23:42 |
2024-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
1949
|
7.2 |
HIGH
Network
|
-
|
-
|
An input validation weakness was discovered in XCC that could allow a valid, authenticated XCC user with elevated privileges to perform command injection through specially crafted command line input …
|
-
|
CVE-2024-8281
|
2024-09-14 20:47 |
2024-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1950
|
7.2 |
HIGH
Network
|
-
|
-
|
An input validation weakness was discovered in XCC that could allow a valid, authenticated XCC user with elevated privileges to perform command injection or cause a recoverable denial of service usin…
|
-
|
CVE-2024-8280
|
2024-09-14 20:47 |
2024-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
