VDB

GCVE-VVD-NCSC-2024-237

GCVE-VVD-NCSC-2024-237
Advisory PublishedCVSS 4.3/10
Vulnetix · Advisory published May 27, 2024
GitLab heeft kwetsbaarheden verholpen in Enterprise Edition (EE) en Community Edition (CE).
Download JSON Open in Console

Weaknesses (CWE)

CWE-400Uncontrolled Resource ConsumptionCWE-352Cross-Site Request Forgery (CSRF)CWE-79Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')CWE-639Authorization Bypass Through User-Controlled KeyCWE-284Improper Access Control

Risk Scores

CVSS 3.1
4.3/10
Medium · CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

Affected Products

VendorProductVersionsPlatforms
gitlabgitlab

Aliases

CVE-2024-4835CVE-2024-2874CVE-2023-7045CVE-2023-6502CVE-2024-5258CVE-2024-1947CVE-2024-5318

Transitive aliases

GHSA-9r4p-g7c7-2c4rEUVD-2024-44417EUVD-2023-59232VVD-ANCHORE-2024-5258VVD-CISA-2024-1947BIT-gitlab-2024-2874BIT-gitlab-2023-6502GHSA-9xx7-rp3v-8694VVD-ANCHORE-2023-7045GHSA-mmc8-x8mq-826cVVD-CISA-2024-2874BDU:2024-04670VVD-CISA-2024-5258EUVD-2024-27818VVD-CISA-2024-4835VVD-ANCHORE-2023-6502EUVD-2023-58733GSD-2023-6502VVD-ANCHORE-2024-5318GHSA-w2rm-x498-v7f9BIT-gitlab-2024-5258VVD-ANCHORE-2024-4835EUVD-2024-46548BIT-GITLAB-2024-5258BIT-gitlab-2024-1947VVD-ANCHORE-2024-1947GHSA-h2fc-m4gm-6mg8BIT-gitlab-2024-4835VVD-CISA-2023-6502VVD-CISA-2023-7045GHSA-r6p6-7q5h-jc4xBIT-GITLAB-2024-5318BIT-gitlab-2023-7045BDU:2024-04669BDU:2024-04668EUVD-2024-17668VVD-ANCHORE-2024-2874BDU:2024-04900BIT-gitlab-2024-5318VVD-CISA-2024-5318EUVD-2024-46496BDU:2024-04604

References

advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory

Browse GCVE Records

100 records in the GCVE database · Updated April 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

Open in Console Download JSON
$ Console Community · 100/wk Open console ›