Lucene search
K

7 matches found

Tenable Nessus
Tenable Nessus
added 2024/11/15 12:0 a.m.12 views

GitLab 17.2 < 17.3.7 / 17.4 < 17.4.4 / 17.5 < 17.5.2 (CVE-2024-7404)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue was discovered in GitLab CE/EE affecting all versions starting from 17.2 prior to 17.3.7, starting from 17.4 prior to 17.4.4 and starting from 17.5 prior to 17.5.2, which could have allowed a...

6.8CVSS5.7AI score0.00538EPSS
Exploits0References5
NVD
NVD
added 2024/11/14 1:15 p.m.22 views

CVE-2024-7404

An issue was discovered in GitLab CE/EE affecting all versions starting from 17.2 prior to 17.3.7, starting from 17.4 prior to 17.4.4 and starting from 17.5 prior to 17.5.2, which could have allowed an attacker gaining full API access as the victim via the Device OAuth flow...

6.8CVSS0.00538EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/11/14 1:2 p.m.20 views

CVE-2024-7404 Improper Restriction of Rendered UI Layers or Frames in GitLab

An issue was discovered in GitLab CE/EE affecting all versions starting from 17.2 prior to 17.3.7, starting from 17.4 prior to 17.4.4 and starting from 17.5 prior to 17.5.2, which could have allowed an attacker gaining full API access as the victim via the Device OAuth flow...

6.8CVSS6.5AI score0.00538EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/11/14 1:2 p.m.28 views

CVE-2024-7404 Improper Restriction of Rendered UI Layers or Frames in GitLab

An issue was discovered in GitLab CE/EE affecting all versions starting from 17.2 prior to 17.3.7, starting from 17.4 prior to 17.4.4 and starting from 17.5 prior to 17.5.2, which could have allowed an attacker gaining full API access as the victim via the Device OAuth flow...

6.8CVSS0.00538EPSS
Exploits0References3
OSV
OSV
added 2024/11/14 1:2 p.m.14 views

CVE-2024-7404 Improper Restriction of Rendered UI Layers or Frames in GitLab

An issue was discovered in GitLab CE/EE affecting all versions starting from 17.2 prior to 17.3.7, starting from 17.4 prior to 17.4.4 and starting from 17.5 prior to 17.5.2, which could have allowed an attacker gaining full API access as the victim via the Device OAuth flow...

6.8CVSS6.5AI score0.00538EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2024/11/14 1:2 p.m.25 views

CVE-2024-7404

Removed by vendor...

6.8CVSS5.8AI score0.00538EPSS
Exploits0
Circl
Circl
added 2024/11/13 2:8 p.m.11 views

CVE-2024-7404

creationtimestamp| type| source ---|---|--- 2024-11-13 14:08:31+00:00| seen| https://infosec.exchange/users/screaminggoat/statuses/113476036942359070 2024-11-14 13:20:05+00:00| seen| https://infosec.exchange/users/cve/statuses/113481508804815656 2024-11-14 14:59:02+00:00| seen|...

6.8CVSS4.8AI score0.00538EPSS
Exploits0References3
Rows per page
Query Builder