VDB
CVE-2024-3035
CVE-2024-3035
PUBLISHED
A permission check vulnerability in GitLab CE/EE affecting all versions starting from 8.12 prior to 17.0.6, 17.1 prior to 17.1.4, and 17.2 prior to 17.2.2 allowed for LFS tokens to read and write to the user owned repositories.
EPSS 0.04% · 13.9th percentile
Risk Scores
EPSS Score
0.04%
13.9th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bitnami | gitlab | 8.12.0, 17.1.0, 17.2.0 |
| Bitnami | gitlab | 17.1.0, 17.2.0, 8.12.0 |
Timeline
- Jan 21, 1970 Security Advisory
- Aug 7, 2024 CVE Published
- Aug 8, 2024 CVE Updated
- Aug 13, 2024 EPSS Score
- Sep 3, 2024 EPSS Score
- Sep 24, 2024 EPSS Score
- Oct 4, 2024 Coalition ESS Score
- Oct 14, 2024 EPSS Score
- Nov 4, 2024 EPSS Score
- Nov 25, 2024 EPSS Score
- Dec 17, 2024 EPSS Score
- Jan 7, 2025 EPSS Score