VDB

CVE-2024-3303

CVE-2024-3303 PUBLISHED

An issue was discovered in GitLab EE affecting all versions starting from 16.0 prior to 17.6.5, starting from 17.7 prior to 17.7.4, and starting from 17.8 prior to 17.8.2, which allows an attacker to exfiltrate contents of a private issue using prompt injection.

EPSS 0.14% · 34.0th percentile

Risk Scores

EPSS Score
0.14%
34.0th percentile

Affected Products

VendorProductVersions
Bitnamigitlab16.0.0
Bitnamigitlab16.0.0

Timeline

  • Jan 21, 1970 Security Advisory
  • Feb 11, 2025 CVE Published
  • Feb 13, 2025 PoC Published
  • Feb 13, 2025 PoC Published
  • Feb 13, 2025 PoC Published
  • Feb 13, 2025 PoC Published
  • Feb 13, 2025 PoC Published
  • Feb 14, 2025 EPSS Score
  • Feb 14, 2025 PoC Published
  • Feb 14, 2025 PoC Published
  • Feb 28, 2025 EPSS Score
  • Mar 5, 2025 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›