VDB

CVE-2024-7586

CVE-2024-7586 PUBLISHED

An issue was discovered in GitLab EE affecting all versions starting from 17.0 prior to 17.0.6, starting from 17.1 prior to 17.1.4, and starting from 17.2 prior to 17.2.2, where webhook deletion audit log preserved auth credentials.

EPSS 0.02% · 6.7th percentile

Risk Scores

EPSS Score
0.02%
6.7th percentile

Affected Products

VendorProductVersions
Bitnamigitlab17.0.0
Bitnamigitlab17.0.0

Timeline

  • Jan 21, 1970 Security Advisory
  • Aug 7, 2024 CVE Published
  • Aug 8, 2024 CVE Updated
  • Aug 20, 2024 PoC Published
  • Jun 20, 2025 Coalition ESS Score
  • Jun 20, 2025 PoC Published
  • Jun 21, 2025 EPSS Score
  • Jun 24, 2025 Coalition ESS Score
  • Jul 1, 2025 EPSS Score
  • Jul 11, 2025 EPSS Score
  • Jul 21, 2025 EPSS Score
  • Jul 31, 2025 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›