CVE-2024-5257 | GitLab Community Edition/Enterprise Edition up to 17.0.3/17.1.1 Group Namespace URL admin_compliance_framework access control (Issue 463149)

Inserito da Angelo Barbosa | Lug 11, 2024 | CVE

A vulnerability classified as problematic was found in GitLab Community Edition and Enterprise Edition up to 17.0.3/17.1.1. This vulnerability affects the function admin_compliance_framework of the component Group Namespace URL Handler. The manipulation leads to improper access controls.

This vulnerability was named CVE-2024-5257. The attack can be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-5257 | GitLab Community Edition/Enterprise Edition up to 17.0.3/17.1.1 Group Namespace URL admin_compliance_framework access control (Issue 463149)

Post correlati

CVE-2024-35832 | Linux Kernel up to 6.7.4 bcachefs bch_fs::snapshots memory corruption (565906787911/369acf97d6fd)

CVE-2024-23970 | ChargePoint Home Flex certificate validation (ZDI-24-1052)

CVE-2024-39157 | idcCMS 1.35 ipRecord_deal.php cross-site request forgery

CVE-2024-2874 | GitLab Community Edition/Enterprise Edition up to 16.10.5/16.11.2/17.0.0 Description resource consumption (Issue 451911)