VDB

CVE-2024-8977

CVE-2024-8977 PUBLISHED

An issue has been discovered in GitLab EE affecting all versions starting from 15.10 prior to 17.2.9, from 17.3 prior to 17.3.5, and from 17.4 prior to 17.4.2. Instances with Product Analytics Dashboard configured and enabled could be vulnerable to SSRF attacks.

EPSS 0.06% · 19.8th percentile

Risk Scores

EPSS Score
0.06%
19.8th percentile

Affected Products

VendorProductVersions
Bitnamigitlab15.10.0, 17.4.0, 17.3.0
Bitnamigitlab15.10.0, 17.3.0, 17.4.0

Timeline

  • Jan 21, 1970 Security Advisory
  • Oct 9, 2024 CVE Published
  • Oct 11, 2024 EPSS Score
  • Oct 14, 2024 Coalition ESS Score
  • Oct 17, 2024 Coalition ESS Score
  • Oct 30, 2024 EPSS Score
  • Nov 15, 2024 Coalition ESS Score
  • Nov 18, 2024 EPSS Score
  • Dec 7, 2024 EPSS Score
  • Dec 26, 2024 EPSS Score
  • Jan 14, 2025 EPSS Score
  • Jan 22, 2025 Coalition ESS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›