Overview
- Description
- An issue has been discovered in GitLab CE/EE affecting all versions from 11.2 before 17.3.6, 17.4 before 17.4.3, and 17.5 before 17.5.1. A denial of service could occur via importing a malicious crafted XML manifest file.
- Source
- cve@gitlab.com
- NVD status
- Awaiting Analysis
Risk scores
CVSS 3.1
- Type
- Secondary
- Base score
- 6.5
- Impact score
- 3.6
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
- Severity
- MEDIUM
Weaknesses
- cve@gitlab.com
- CWE-770
Social media
- Hype score
- Not currently trending
Gitlab fixes CVE-2024-8312 and CVE-2024-6826 #Gitlab #CVE-2024-8312 #CVE-2024-6826 https://t.co/rubXHKvMIo
@pravin_karthik
25 Oct 2024
40 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
GitLabで高深刻度のクロスサイトスクリプティング脆弱性が修正。CVE-2024-8312はCVSSスコア8.7で、diff表示のグローバル検索部分が脆弱。DoS脆弱性のCVE-2024-6826も修正。 https://t.co/5vQkrQy7rM
@__kokumoto
24 Oct 2024
776 Impressions
3 Retweets
6 Likes
0 Bookmarks
0 Replies
0 Quotes