VDB

CVE-2024-4283

CVE-2024-4283 PUBLISHED

An issue has been discovered in GitLab EE affecting all versions starting from 11.1 before 17.1.7, 17.2 before 17.2.5, and 17.3 before 17.3.2. Under certain conditions an open redirect vulnerability could allow for an account takeover by breaking the OAuth flow.

EPSS 0.03% · 11.0th percentile

Risk Scores

EPSS Score
0.03%
11.0th percentile

Affected Products

VendorProductVersions
Bitnamigitlab11.1.0, 17.2.0, 17.3.0
Bitnamigitlab11.1.0, 17.2.0, 17.3.0

Timeline

  • Jan 21, 1970 Security Advisory
  • Sep 11, 2024 CVE Published
  • Sep 15, 2024 CVE Updated
  • Sep 17, 2024 EPSS Score
  • Sep 17, 2024 PoC Published
  • Oct 4, 2024 Coalition ESS Score
  • Oct 7, 2024 EPSS Score
  • Oct 26, 2024 EPSS Score
  • Nov 14, 2024 Coalition ESS Score
  • Nov 15, 2024 EPSS Score
  • Nov 15, 2024 Coalition ESS Score
  • Dec 5, 2024 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›