CVE-2024-3035 | GitLab Community Edition/Enterprise Edition up to 17.0.5/17.1.3/17.2.1 LFS Token authorization

Inserito da Angelo Barbosa | Ago 8, 2024 | CVE

A vulnerability, which was classified as problematic, has been found in GitLab Community Edition and Enterprise Edition up to 17.0.5/17.1.3/17.2.1. This issue affects some unknown processing of the component LFS Token Handler. The manipulation leads to authorization bypass.

The identification of this vulnerability is CVE-2024-3035. The attack may be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-3035 | GitLab Community Edition/Enterprise Edition up to 17.0.5/17.1.3/17.2.1 LFS Token authorization

Post correlati

CVE-2024-7931 | SourceCodester Online Graduate Tracer System 1.0 view_csprofile.php id sql injection

CVE-2024-2932 | SourceCodester Online Chatting System 1.0 admin/update_room.php id sql injection

CVE-2024-5435 | GitLab Enterprise Edition up to 17.1.6/17.2.4/17.3.1 Repository Mirror information exposure (Issue 464044)

CVE-2023-43318 | TP-Link TL-SG2210P 5.0 Build 20211201 Web Console tid/usrlvl access control