Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2024-8311

Опубликовано: 12 сент. 2024
Источник: debian
EPSS Низкий

Описание

An issue was discovered with pipeline execution policies in GitLab EE affecting all versions from 17.2 prior to 17.2.5, 17.3 prior to 17.3.2 which allows authenticated users to bypass variable overwrite protection via inclusion of a CI/CD template.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
gitlabnot-affectedpackage

EPSS

Процентиль: 13%
0.00044
Низкий

Связанные уязвимости

nvd логотип

CVE-2024-8311

CVSS3: 6.5
nvd
больше 1 года назад

An issue was discovered with pipeline execution policies in GitLab EE affecting all versions from 17.2 prior to 17.2.5, 17.3 prior to 17.3.2 which allows authenticated users to bypass variable overwrite protection via inclusion of a CI/CD template.

github логотип

GHSA-947f-qh3g-pcj5

CVSS3: 6.5
github
больше 1 года назад

An issue was discovered with pipeline execution policies in GitLab EE affecting all versions from 17.2 prior to 17.2.5, 17.3 prior to 17.3.2 which allows authenticated users to bypass variable overwrite protection via inclusion of a CI/CD template.

EPSS

Процентиль: 13%
0.00044
Низкий