Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2024-7110HistoryAug 22, 2024 - 4:15 p.m.
CVE-2024-7110
2024-08-2216:15:10
Debian Security Bug Tracker
security-tracker.debian.org
3
gitlab ee
versions
arbitrary command execution
prompt injection
unix
CVSS3
6.4
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N
AI Score
8
Confidence
Low
EPSS
0.001
Percentile
30.4%
An issue was discovered in GitLab EE affecting all versions starting 17.0 to 17.1.6, 17.2 prior to 17.2.4, and 17.3 prior to 17.3.1 allows an attacker to execute arbitrary command in a victim’s pipeline through prompt injection.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 999 | all | gitlab | < 16.8.4-1 | gitlab_16.8.4-1_all.deb |
Related
osv
osv
BIT-gitlab-2024-7110
2024-08-26 08:28:53
CVE-2024-7110
2024-08-22 16:15:10
cvelist
cvelist
nessus
nessus
GitLab 17.1 < 17.1.6 / 17.2 < 17.2.4 / 17.3 < 17.3.1 (CVE-2024-7110)
2024-08-22 00:00:00
FreeBSD : Gitlab -- vulnerabilities (49ef501c-62b6-11ef-bba5-2cf05da270f3)
2024-08-25 00:00:00
vulnrichment
vulnrichment
nvd
nvd
CVE-2024-7110
2024-08-22 16:15:10
cve
cve
CVE-2024-7110
2024-08-22 16:15:10
ubuntucve
ubuntucve
CVE-2024-7110
2024-08-22 00:00:00
freebsd
freebsd
Gitlab -- vulnerabilities
2024-08-21 00:00:00
CVSS3
6.4
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N
AI Score
8
Confidence
Low
EPSS
0.001
Percentile
30.4%
Related for DEBIANCVE:CVE-2024-7110