VDB
CVE-2024-4283
CVE-2024-4283
PUBLISHED
An issue has been discovered in GitLab EE affecting all versions starting from 11.1 before 17.1.7, 17.2 before 17.2.5, and 17.3 before 17.3.2. Under certain conditions an open redirect vulnerability could allow for an account takeover by breaking the OAuth flow.
EPSS 0.03% · 11.0th percentile
Risk Scores
EPSS Score
0.03%
11.0th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bitnami | gitlab | 11.1.0, 17.2.0, 17.3.0 |
| Bitnami | gitlab | 11.1.0, 17.2.0, 17.3.0 |
Timeline
- Jan 21, 1970 Security Advisory
- Sep 11, 2024 CVE Published
- Sep 15, 2024 CVE Updated
- Sep 17, 2024 EPSS Score
- Sep 17, 2024 PoC Published
- Oct 4, 2024 Coalition ESS Score
- Oct 7, 2024 EPSS Score
- Oct 26, 2024 EPSS Score
- Nov 14, 2024 Coalition ESS Score
- Nov 15, 2024 EPSS Score
- Nov 15, 2024 Coalition ESS Score
- Dec 5, 2024 EPSS Score