CVE-2024-8977 | GitLab Enterprise Edition up to 17.2.8/17.3.4/17.4.1 Product Analytics Dashboard server-side request forgery (Issue 491060)

Inserito da Angelo Barbosa | Ott 10, 2024 | CVE

A vulnerability classified as critical has been found in GitLab Enterprise Edition up to 17.2.8/17.3.4/17.4.1. Affected is an unknown function of the component Product Analytics Dashboard. The manipulation leads to server-side request forgery.

This vulnerability is traded as CVE-2024-8977. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-8977 | GitLab Enterprise Edition up to 17.2.8/17.3.4/17.4.1 Product Analytics Dashboard server-side request forgery (Issue 491060)

Post correlati

CVE-2024-22189 | quic-go prior 0.42.0 Connection ID resource consumption

CVE-2024-20746 | Adobe Premiere Pro out-of-bounds write (APSB24-15)

CVE-2024-42001 | Vonets VGA-1000 up to 3.3.23.6.9 direct request (icsa-24-214-08)

CVE-2024-22808 | Tormach xsTECH CNC Router 2.9.6 Name denial of service