VDB

CVE-2024-9870

CVE-2024-9870 PUBLISHED

An external service interaction vulnerability in GitLab EE affecting all versions from 15.11 prior to 17.6.5, 17.7 prior to 17.7.4, and 17.8 prior to 17.8.2 allows an attacker to send requests from the GitLab server to unintended services.

EPSS 0.03% · 8.1th percentile

Risk Scores

EPSS Score
0.03%
8.1th percentile

Affected Products

VendorProductVersions
Bitnamigitlab15.11.0
Bitnamigitlab15.11.0

Timeline

  • Jan 21, 1970 Security Advisory
  • Feb 11, 2025 CVE Published
  • Feb 12, 2025 Coalition ESS Score
  • Feb 12, 2025 PoC Published
  • Feb 12, 2025 PoC Published
  • Feb 12, 2025 PoC Published
  • Feb 13, 2025 EPSS Score
  • Feb 28, 2025 EPSS Score
  • Mar 5, 2025 CVE Updated
  • Mar 14, 2025 EPSS Score
  • Mar 29, 2025 EPSS Score
  • Apr 12, 2025 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›