CVE-2024-6389 | GitLab Community Edition/Enterprise Edition up to 17.1.6/17.2.4/17.3.1 Atom Endpoint exposure of sensitive system information to an unauthorized control sphere (Issue 469367)

Inserito da Angelo Barbosa | Set 12, 2024 | CVE

A vulnerability classified as problematic has been found in GitLab Community Edition and Enterprise Edition up to 17.1.6/17.2.4/17.3.1. Affected is an unknown function of the component Atom Endpoint. The manipulation leads to exposure of sensitive system information to an unauthorized control sphere.

This vulnerability is traded as CVE-2024-6389. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-6389 | GitLab Community Edition/Enterprise Edition up to 17.1.6/17.2.4/17.3.1 Atom Endpoint exposure of sensitive system information to an unauthorized control sphere (Issue 469367)

Post correlati

CVE-2024-1895 | awordpresslife Event Monster Plugin up to 1.3.4 on WordPress deserialization

CVE-2024-24775 | F5 BIG-IP up to 15.1.9/16.1.3/17.1.0 Traffic Management Microkernel null pointer dereference (K000137333)

CVE-2023-52218 | Anton Bond Woocommerce Tranzila Payment Gateway Plugin up to 1.0.8 on WordPress deserialization

CVE-2024-29974 | Zyxel NAS326/NAS542 prior 5.21 file_upload-cgi unrestricted upload