
13 matches found

Tenable Nessus
added 2025/08/18 12:0 a.m. | 3 views

Linux Distros Unpatched Vulnerability : CVE-2024-3958

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting all versions before 17.0.6, 17.1 prior to 17.1.4, and 17.2 prior to 17.2.2. An issue was found that allow...

CVSS 6.5 | AI score 5.4 | EPSS 0.00102
Exploits 0 | References 2

OSV
added 2024/08/10 7:26 a.m. | 96 views

BIT-GITLAB-2024-3958 Improper Control of Generation of Code ('Code Injection') in GitLab

An issue has been discovered in GitLab CE/EE affecting all versions before 17.0.6, 17.1 prior to 17.1.4, and 17.2 prior to 17.2.2. An issue was found that allows someone to abuse a discrepancy between the Web application display and the git command line interface to social engineer victims into...

CVSS 6.5 | AI score 5.6 | EPSS 0.00102
Exploits 0 | References 3

CVE
added 2024/08/08 10:31 a.m. | 149 views

CVE-2024-3958

CVE-2024-3958 : GitLab CE/EE contains a discrepancy between the Web UI display and the git CLI that can be abused to social engineer victims into cloning non-trusted code. Affected versions are all before 17.0.6, 17.1 before 17.1.4, and 17.2 before 17.2.2. Mitigation per linked sources: GitLab fi...

CVSS 6.5 | AI score 5.2 | EPSS 0.00102
Exploits 0 | References 2 | Affected Software 1

Debian CVE
added 2024/08/08 10:31 a.m. | 17 views

CVE-2024-3958

Removed by vendor...

CVSS 6.5 | AI score 5.8 | EPSS 0.00102
Exploits 0

Cvelist
added 2024/08/08 10:31 a.m. | 18 views

CVE-2024-3958 Improper Control of Generation of Code ('Code Injection') in GitLab

An issue has been discovered in GitLab CE/EE affecting all versions before 17.0.6, 17.1 prior to 17.1.4, and 17.2 prior to 17.2.2. An issue was found that allows someone to abuse a discrepancy between the Web application display and the git command line interface to social engineer victims into...

CVSS 5.3 | EPSS 0.00102
Exploits 0 | References 2

Tenable Nessus
added 2024/08/08 12:0 a.m. | 20 views

GitLab < 17.0.6 / 17.1 < 17.1.4 / 17.2 < 17.2.2 (CVE-2024-3958)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab CE/EE affecting all versions before 17.0.6, 17.1 prior to 17.1.4, and 17.2 prior to 17.2.2. An issue was found that allows someone to abuse a discrepancy between...

CVSS 6.5 | AI score 5.4 | EPSS 0.00102
Exploits 0 | References 4

Positive Technologies
added 2024/08/07 12:0 a.m. | 1 views

PT-2024-5509 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions prior to 17.0.6 GitLab CE/EE version 17.1 prior to 17.1.4 GitLab CE/EE version 17.2 prior to 17.2.2 Description: The issue allows someone to abuse a discrepancy between the Web application display and the git command lin...

CVSS 6.5 | AI score 7.6 | EPSS 0.00102
Exploits 0 | References 14

OSV
added 2023/06/07 5:15 p.m. | 1 views

UBUNTU-CVE-2023-2013

An issue has been discovered in GitLab CE/EE affecting all versions starting from 1.2 before 15.10.8, all versions starting from 15.11 before 15.11.7, all versions starting from 16.0 before 16.0.2. An issue was found that allows someone to abuse a discrepancy between the Web application display a...

CVSS 4.3 | AI score 5.7 | EPSS 0.00221
Exploits 0 | References 3

OSV
added 2023/06/07 12:0 a.m. | 9 views

CVE-2023-2013

An issue has been discovered in GitLab CE/EE affecting all versions starting from 1.2 before 15.10.8, all versions starting from 15.11 before 15.11.7, all versions starting from 16.0 before 16.0.2. An issue was found that allows someone to abuse a discrepancy between the Web application display a...

CVSS 2.6 | AI score 6.8 | EPSS 0.00221
Exploits 0 | References 5

CVE
added 2023/06/07 12:0 a.m. | 64 views

CVE-2023-2013

CVE-2023-2013 affects GitLab CE/EE with versions starting from 1.2 up to 15.10.8, versions from 15.11 up to 15.11.7, and 16.0 up to 16.0.2. The issue arises from a discrepancy between the web application display and the Git CLI, which can be abused to social engineer victims into cloning non-trus...

CVSS 4.3 | AI score 4.2 | EPSS 0.00221
Exploits 0 | References 3 | Affected Software 1

Tenable Nessus
added 2022/04/21 12:0 a.m. | 50 views

EulerOS 2.0 SP10 : git (EulerOS-SA-2022-1520)

According to the versions of the git packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Cygwin Git is a patch set for the git command line tool for the cygwin environment. A specially crafted repository that contains symbolic links as...

CVSS 9.3 | AI score 8 | EPSS 0.19687
Exploits 0 | References 2

Prion
added 2020/09/14 7:15 p.m. | 12 views

Command injection

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. GitLab was not validating a Deploy-Token and allowed a disabled repository to be accessible via a git command line...

CVSS 4 | AI score 4.6 | EPSS 0.00307
Exploits 0 | References 3 | Affected Software 1

CVE
added 2020/09/14 6:41 p.m. | 48 views

CVE-2020-13316

CVE-2020-13316 affects GitLab versions before 13.1.10, 13.2.8, and 13.3.4. The root cause is that Deploy-Token validation was not performed, allowing access to a disabled repository via a git command line. The impact is exposure of otherwise inaccessible repositories, enabling an attacker with ne...

CVSS 5.4 | AI score 4.5 | EPSS 0.00307
Exploits 0 | References 3 | Affected Software 1