CVE-2024-9773

🗓️ 27 Mar 2025 12:31:27Reported by GitLabType

Input validation flaw in GitLab EE allows code injection in CLI commands via Harbor integration.

Reporter	Title	Published	Views	Family All 17
FreeBSD	Gitlab -- Vulnerabilities	26 Mar 202500:00	–	freebsd
Circl	CVE-2024-9773	27 Mar 202514:58	–	circl
CNNVD	GitLab Enterprise Edition（EE）命令注入漏洞	27 Mar 202500:00	–	cnnvd
Cvelist	CVE-2024-9773 Improper Neutralization of Special Elements used in a Command ('Command Injection') in GitLab	27 Mar 202512:31	–	cvelist
Debian CVE	CVE-2024-9773	27 Mar 202512:31	–	debiancve
EUVD	EUVD-2024-54314	3 Oct 202520:07	–	euvd
Tenable Nessus	FreeBSD : Gitlab -- Vulnerabilities (1daa2814-0a6c-11f0-b4e4-2cf05da270f3)	27 Mar 202500:00	–	nessus
Tenable Nessus	Linux Distros Unpatched Vulnerability : CVE-2024-9773	30 Aug 202500:00	–	nessus
NCSC	Vulnerabilities fixed in GitLab EE/CE	27 Mar 202514:49	–	ncsc
NVD	CVE-2024-9773	27 Mar 202513:15	–	nvd

NVD

Vulners

Node

gitlab gitlabRange14.9.0–17.8.6enterprise

gitlab gitlabRange17.9.0–17.9.3enterprise

gitlab gitlabMatch17.10.0enterprise

[
  {
    "vendor": "GitLab",
    "product": "GitLab",
    "repo": "git://[email protected]:gitlab-org/gitlab.git",
    "cpes": [
      "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"
    ],
    "versions": [
      {
        "version": "14.9",
        "status": "affected",
        "lessThan": "17.8.6",
        "versionType": "semver"
      },
      {
        "version": "17.9",
        "status": "affected",
        "lessThan": "17.9.3",
        "versionType": "semver"
      },
      {
        "version": "17.10",
        "status": "affected",
        "lessThan": "17.10.1",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

Source	Link
hackerone	www.hackerone.com/reports/2671808
gitlab	www.gitlab.com/gitlab-org/gitlab/-/issues/498557

13 Aug 2025 01:20Current

4.1Medium risk

Vulners AI Score4.1

CVSS 3.13.7 - 8

EPSS0.00036

SSVC

CWE-77