VDB

CVE-2024-6356

CVE-2024-6356 PUBLISHED

An issue was discovered in GitLab EE affecting all versions starting from 16.0 prior to 17.0.6, starting from 17.1 prior to 17.1.4, and starting from 17.2 prior to 17.2.2, which allowed cross project access for Security policy bot.

EPSS 0.04% · 11.6th percentile

Risk Scores

EPSS Score
0.04%
11.6th percentile

Affected Products

VendorProductVersions
Bitnamigitlab16.0.0
Bitnamigitlab16.0.0

Timeline

  • Jan 21, 1970 Security Advisory
  • Aug 7, 2024 CVE Published
  • Aug 8, 2024 CVE Updated
  • Aug 20, 2024 PoC Published
  • Feb 5, 2025 PoC Published
  • Feb 5, 2025 PoC Published
  • Feb 5, 2025 PoC Published
  • Feb 6, 2025 EPSS Score
  • Feb 6, 2025 PoC Published
  • Feb 21, 2025 EPSS Score
  • Mar 8, 2025 EPSS Score
  • Mar 22, 2025 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›