Lucene search
+L

6 matches found

redhatcve
redhatcve
added 2025/05/23 9:4 a.m.3 views

CVE-2024-5258

An authorization vulnerability exists within GitLab from versions 16.10 before 16.10.6, 16.11 before 16.11.3, and 17.0 before 17.0.1 where an authenticated attacker could utilize a crafted naming convention to bypass pipeline authorization logic...

4.4CVSS6.7AI score0.00275EPSS
Exploits1References1
nvd
nvd
added 2024/05/23 11:15 a.m.28 views

CVE-2024-5258

An authorization vulnerability exists within GitLab from versions 16.10 before 16.10.6, 16.11 before 16.11.3, and 17.0 before 17.0.1 where an authenticated attacker could utilize a crafted naming convention to bypass pipeline authorization logic...

4.4CVSS4.3AI score0.00275EPSS
Exploits1References1
vulnrichment
vulnrichment
added 2024/05/23 11:2 a.m.10 views

CVE-2024-5258 Authorization Bypass Through User-Controlled Key in GitLab

An authorization vulnerability exists within GitLab from versions 16.10 before 16.10.6, 16.11 before 16.11.3, and 17.0 before 17.0.1 where an authenticated attacker could utilize a crafted naming convention to bypass pipeline authorization logic...

4.4CVSS6.3AI score0.00275EPSS
Exploits1References1
cvelist
cvelist
added 2024/05/23 11:2 a.m.33 views

CVE-2024-5258 Authorization Bypass Through User-Controlled Key in GitLab

An authorization vulnerability exists within GitLab from versions 16.10 before 16.10.6, 16.11 before 16.11.3, and 17.0 before 17.0.1 where an authenticated attacker could utilize a crafted naming convention to bypass pipeline authorization logic...

4.4CVSS4.2AI score0.00275EPSS
Exploits1References1
cve
cve
added 2024/05/23 11:2 a.m.558 views

CVE-2024-5258

CVE-2024-5258 is an authorization bypass in GitLab. The vulnerability affects GitLab releases: 16.10 before 16.10.6, 16.11 before 16.11.3, and 17.0 before 17.0.1, where an authenticated attacker could exploit a crafted naming convention to bypass pipeline authorization logic. The issue impacts th...

4.4CVSS6.1AI score0.00275EPSS
Exploits1References1Affected Software1
nessus
nessus
added 2024/05/23 12:0 a.m.26 views

GitLab 16.10 < 16.10.6 / 16.11 < 16.11.3 / 17.0 < 17.0.1 (CVE-2024-5258)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An authorization vulnerability exists within GitLab from versions 16.10 before 16.10.6, 16.11 before 16.11.3, and 17.0 before 17.0.1 where an authenticated attacker could utilize a crafted naming...

4.4CVSS5.6AI score0.00275EPSS
Exploits1References3
Rows per page
Query Builder