CVE-2024-6356

Medium CVSS: 4.4

An issue was discovered in GitLab EE affecting all versions starting from 16.0 prior to 17.0.6, starting from 17.1 prior to 17.1.4, and starting from 17.2 prior to 17.2.2, which allowed cross project access for Security policy bot.

Vendor

Gitlab

Product

Gitlab

CWE

CWE-286

Yayın Tarihi

2025-02-05 10:15:22

Güncelleme

2025-08-06 18:51:24

Source Identifier

cve@gitlab.com

KEV Date Added

Kategoriler

CWE-286 Gitlab MEDIUM Gitlab 2025

Referanslar

https://gitlab.com/gitlab-org/gitlab/-/issues/469108 https://hackerone.com/reports/2575051

Benzer Kayıtlar

High

CVE-2026-2370

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 14.3 before 18.8.7, 18.9 before 18.9.3, and 1…

High

CVE-2026-3857

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.10 before 18.8.7, 18.9 before 18.9.3, and…

High

CVE-2026-3988

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.5 before 18.8.7, 18.9 before 18.9.3, and 1…

Medium

CVE-2026-2973

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.7 before 18.8.7, 18.9 before 18.9.3, and 1…

High

CVE-2026-2995

GitLab has remediated an issue in GitLab EE affecting all versions from 15.4 before 18.8.7, 18.9 before 18.9.3, and 18.1…

Medium

CVE-2026-2726

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 11.10 before 18.8.7, 18.9 before 18.9.3, and…