VDB
CVE-2024-0402
CVE-2024-0402
PUBLISHED
An issue has been discovered in GitLab CE/EE affecting all versions from 16.0 prior to 16.6.6, 16.7 prior to 16.7.4, and 16.8 prior to 16.8.1 which allows an authenticated user to write files to arbitrary locations on the GitLab server while creating a workspace.
EPSS 45.18% · 97.7th percentile
Risk Scores
EPSS Score
45.18%
97.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bitnami | gitlab | 16.0.0, 16.8.0, 16.6.0 |
| Bitnami | gitlab | 16.0.0, 16.6.0, 16.7.0 |
Exploit Intelligence
- CIRCL seen: CVE-2024-0402 (circl-sighting)
- CIRCL seen: CVE-2024-0402 (circl-sighting)
- CIRCL seen: CVE-2024-0402 (circl-sighting)
- CIRCL seen: CVE-2024-0402 (circl-sighting)
- CIRCL seen: CVE-2024-0402 (circl-sighting)
- CIRCL seen: CVE-2024-0402 (circl-sighting)
- CIRCL seen: CVE-2024-0402 (circl-sighting)
- CIRCL published-proof-of-concept: CVE-2024-0402 (circl-sighting)
- CIRCL seen: CVE-2024-0402 (circl-sighting)
- CIRCL seen: CVE-2024-0402 (circl-sighting)
…and 53 more exploits
Timeline
- Jan 21, 1970 Security Advisory
- Jan 12, 2024 CVE Published
- Jan 26, 2024 PoC Published
- Jan 26, 2024 PoC Published
- Jan 26, 2024 PoC Published
- Jan 28, 2024 PoC Published
- Jan 30, 2024 PoC Published
- Jan 30, 2024 PoC Published
- Jan 30, 2024 PoC Published
- Jan 30, 2024 PoC Published
- Jan 30, 2024 PoC Published
- Jan 31, 2024 EPSS Score