VDB
CVE-2024-12093
CVE-2024-12093
PUBLISHED
An issue has been discovered in GitLab CE/EE affecting all versions from 11.1 before 17.10.7, 17.11 before 17.11.3, and 18.0 before 18.0.1. Improper XPath validation allows modified SAML response to bypass 2FA requirement under specialized conditions.
EPSS 0.06% · 18.0th percentile
Risk Scores
EPSS Score
0.06%
18.0th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bitnami | gitlab | 11.1.0, 18.0.0 |
| Bitnami | gitlab | 18.0.0, 11.1.0 |
Timeline
- Jan 21, 1970 Security Advisory
- May 21, 2025 CVE Published
- May 22, 2025 Coalition ESS Score
- May 22, 2025 PoC Published
- May 22, 2025 CVE Updated
- May 23, 2025 EPSS Score
- May 23, 2025 Coalition ESS Score
- Jun 3, 2025 EPSS Score
- Jun 14, 2025 EPSS Score
- Jun 25, 2025 EPSS Score
- Jul 6, 2025 EPSS Score
- Jul 18, 2025 EPSS Score