CVE-2024-12379 | GitLab Community Edition/Enterprise Edition up to 17.6.4/17.7.3/17.8.1 Personal Access Token scopes allocation of resources (Issue 508559)

Inserito da Angelo Barbosa | Feb 12, 2025 | CVE

A vulnerability was found in GitLab Community Edition and Enterprise Edition up to 17.6.4/17.7.3/17.8.1. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Personal Access Token Handler. The manipulation of the argument scopes leads to allocation of resources.

This vulnerability is known as CVE-2024-12379. The attack can be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-12379 | GitLab Community Edition/Enterprise Edition up to 17.6.4/17.7.3/17.8.1 Personal Access Token scopes allocation of resources (Issue 508559)

Post correlati

CVE-2024-33627 | Cusmin Absolutely Glamorous Custom Admin Plugin up to 7.2.2 on WordPress server-side request forgery

CVE-2024-20464 | Cisco IOS XE 17.13.1/17.13.1a Protocol Independent Multicast denial of service (cisco-sa-pim-APbVfySJ)

CVE-2024-6213 | SourceCodester Food Ordering Management System up to 1.0 Login Panel login.php username sql injection

CVE-2024-7857 | Media Library Folders Plugin up to 8.2.2 on WordPress sql injection