CVE-2024-8641

CVE-2024-8641

An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.7 prior to 17.1.7, from 17.2 prior to 17.2.5, and from 17.3 prior to 17.3.2. It may have been possible for an attacker with a victim's CI_JOB_TOKEN to obtain a GitLab session token belonging to the victim.

CVE-2024-8641

An issue has been discovered in GitLab CE/EE affecting all versions st ...

GHSA-x654-52cq-hxj3

An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.7 prior to 17.1.7, from 17.2 prior to 17.2.5, and from 17.3 prior to 17.3.2. It may have been possible for an attacker with a victim's CI_JOB_TOKEN to obtain a GitLab session token belonging to the victim.

BDU:2024-09379

Уязвимость программной платформы на базе git для совместной работы над кодом GitLab, связанная с ошибками переключения контекста привилегий, позволяющая нарушителю повысить свои привилегии и получить несанкционированный доступ к защищаемой информации