VDB
CVE-2024-9870
CVE-2024-9870
PUBLISHED
An external service interaction vulnerability in GitLab EE affecting all versions from 15.11 prior to 17.6.5, 17.7 prior to 17.7.4, and 17.8 prior to 17.8.2 allows an attacker to send requests from the GitLab server to unintended services.
EPSS 0.03% · 8.1th percentile
Risk Scores
EPSS Score
0.03%
8.1th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bitnami | gitlab | 15.11.0 |
| Bitnami | gitlab | 15.11.0 |
Timeline
- Jan 21, 1970 Security Advisory
- Feb 11, 2025 CVE Published
- Feb 12, 2025 Coalition ESS Score
- Feb 12, 2025 PoC Published
- Feb 12, 2025 PoC Published
- Feb 12, 2025 PoC Published
- Feb 13, 2025 EPSS Score
- Feb 28, 2025 EPSS Score
- Mar 5, 2025 CVE Updated
- Mar 14, 2025 EPSS Score
- Mar 29, 2025 EPSS Score
- Apr 12, 2025 EPSS Score