CVE-2024-8640 | GitLab Enterprise Edition up to 17.1.6/17.2.4/17.3.1 Cube Server command injection (Issue 486213)

Inserito da Angelo Barbosa | Set 12, 2024 | CVE

A vulnerability was found in GitLab Enterprise Edition up to 17.1.6/17.2.4/17.3.1. It has been classified as critical. Affected is an unknown function of the component Cube Server Handler. The manipulation leads to command injection.

This vulnerability is traded as CVE-2024-8640. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-8640 | GitLab Enterprise Edition up to 17.1.6/17.2.4/17.3.1 Cube Server command injection (Issue 486213)

Post correlati

CVE-2024-27920 | projectdiscovery nuclei up to 3.1.x os command injection

CVE-2024-7703 | reputeinfosystems ARMember Plugin up to 4.0.37 on WordPress SVG File cross site scripting

CVE-2024-5247 | Netgear ProSAFE Network Management System UpLoadServlet unrestricted upload

CVE-2024-36598 | Aegon Life 1.0 Image File unrestricted upload