CVE-2024-6446 | GitLab up to 17.1.6/17.2.4/17.3.1 URL logic error (Issue 470144)

Posted by Angelo Barbosa | Sep 12, 2024 | CVE

A vulnerability was found in GitLab up to 17.1.6/17.2.4/17.3.1 and classified as problematic. This issue affects some unknown processing of the component URL Handler. The manipulation leads to business logic errors.

The identification of this vulnerability is CVE-2024-6446. The attack may be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-6446 | GitLab up to 17.1.6/17.2.4/17.3.1 URL logic error (Issue 470144)

Related Posts

CVE-2024-24329 | Totolink A3300R 17.0.0cu.557_B20221024 setPortForwardRules enable command injection

CVE-2023-38657 | GTKWave 3.3.115 LXT2 zlib Block out-of-bounds write (TALOS-2023-1823)

CVE-2024-2993 | Tenda FH1203 2.0.1.6 /goform/QuickIndex formQuickIndex PPPOEPassword stack-based overflow

CVE-2024-41677 | QwikDev qwik up to 1.5.x cross site scripting (GHSA-2rwj-7xq8-4gx4)