Количество 4
Количество 4
CVE-2024-8635
A server-side request forgery issue has been discovered in GitLab EE affecting all versions starting from 16.8 prior to 17.1.7, from 17.2 prior to 17.2.5, and from 17.3 prior to 17.3.2. It was possible for an attacker to make requests to internal resources using a custom Maven Dependency Proxy URL
CVE-2024-8635
A server-side request forgery issue has been discovered in GitLab EE a ...
GHSA-859x-xr5x-c9x2
A server-side request forgery issue has been discovered in GitLab EE affecting all versions starting from 16.8 prior to 17.1.7, from 17.2 prior to 17.2.5, and from 17.3 prior to 17.3.2. It was possible for an attacker to make requests to internal resources using a custom Maven Dependency Proxy URL
BDU:2024-09381
Уязвимость программной платформы на базе git для совместной работы над кодом GitLab Enterprise Edition, связанная с недостаточной проверкой запросов на стороне сервера, позволяющая нарушителю выполнять SSRF-атаки
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-8635 A server-side request forgery issue has been discovered in GitLab EE affecting all versions starting from 16.8 prior to 17.1.7, from 17.2 prior to 17.2.5, and from 17.3 prior to 17.3.2. It was possible for an attacker to make requests to internal resources using a custom Maven Dependency Proxy URL | CVSS3: 7.7 | 0% Низкий | больше 1 года назад |
| CVE-2024-8635 A server-side request forgery issue has been discovered in GitLab EE a ... | CVSS3: 7.7 | 0% Низкий | больше 1 года назад |
| GHSA-859x-xr5x-c9x2 A server-side request forgery issue has been discovered in GitLab EE affecting all versions starting from 16.8 prior to 17.1.7, from 17.2 prior to 17.2.5, and from 17.3 prior to 17.3.2. It was possible for an attacker to make requests to internal resources using a custom Maven Dependency Proxy URL | CVSS3: 7.7 | 0% Низкий | больше 1 года назад |
 | BDU:2024-09381 Уязвимость программной платформы на базе git для совместной работы над кодом GitLab Enterprise Edition, связанная с недостаточной проверкой запросов на стороне сервера, позволяющая нарушителю выполнять SSRF-атаки | CVSS3: 7.7 | 0% Низкий | почти 2 года назад |
Уязвимостей на страницу