CVE-2024-5258 | GitLab up to 16.10.5/16.11.2/17.0.0 Naming Convention authorization (Issue 443254)

Inserito da Angelo Barbosa | Mag 23, 2024 | CVE

A vulnerability was found in GitLab up to 16.10.5/16.11.2/17.0.0. It has been classified as problematic. This affects an unknown part of the component Naming Convention Handler. The manipulation leads to authorization bypass.

This vulnerability is uniquely identified as CVE-2024-5258. It is possible to initiate the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-5258 | GitLab up to 16.10.5/16.11.2/17.0.0 Naming Convention authorization (Issue 443254)

Post correlati

CVE-2024-24772 | Apache Superset up to 3.0.3/3.1.0 Chart Data REST API information disclosure

CVE-2024-0798 | mintplex-labs anything-llm up to 0.0.x HTTP DELETE Request least privilege violation

CVE-2024-45176 | za-internet C-MOR Video Surveillance 5.2401 Web Interface cross site scripting (SYSS-2024-020)

CVE-2024-35634 | Wow-Company Woocommerce Plugin up to 1.0.1 on WordPress path traversal