Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-4v6w-vxg7-j28q

Опубликовано: 12 сент. 2024
Источник: github
Github: Не прошло ревью
CVSS3: 8.5

Описание

An issue has been discovered in GitLab EE affecting all versions starting from 16.11 prior to 17.1.7, from 17.2 prior to 17.2.5, and from 17.3 prior to 17.3.2. Due to incomplete input filtering, it was possible to inject commands into a connected Cube server.

An issue has been discovered in GitLab EE affecting all versions starting from 16.11 prior to 17.1.7, from 17.2 prior to 17.2.5, and from 17.3 prior to 17.3.2. Due to incomplete input filtering, it was possible to inject commands into a connected Cube server.

Ссылки

EPSS

Процентиль: 33%
0.00126
Низкий

8.5 High

CVSS3

CVE ID

CVE-2024-8640

Дефекты

CWE-77

Связанные уязвимости

nvd логотип

CVE-2024-8640

CVSS3: 8.5
nvd
9 месяцев назад

An issue has been discovered in GitLab EE affecting all versions starting from 16.11 prior to 17.1.7, from 17.2 prior to 17.2.5, and from 17.3 prior to 17.3.2. Due to incomplete input filtering, it was possible to inject commands into a connected Cube server.

debian логотип

CVE-2024-8640

CVSS3: 8.5
debian
9 месяцев назад

An issue has been discovered in GitLab EE affecting all versions start ...

fstec логотип

BDU:2024-09378

CVSS3: 8.8
fstec
10 месяцев назад

Уязвимость программной платформы на базе git для совместной работы над кодом GitLab Enterprise Edition, связанная с непринятием мер по чистке данных на управляющем уровне, позволяющая нарушителю внедрять команды

EPSS

Процентиль: 33%
0.00126
Низкий

8.5 High

CVSS3

CVE ID

CVE-2024-8640

Дефекты

CWE-77