Multiple Juniper Networks Products Vulnerabilities
July 16, 2024
Severity
Medium
Analysis Summary
CVE-2024-5470 CVSS:3.8
GitLab Community Edition and Enterprise Edition could allow a remote authenticated attacker to bypass security restrictions. By sending a specially crafted request, an attacker could exploit this vulnerability to create project-level deploy tokens.
CVE-2024-2880 CVSS:2.7
GitLab Community Edition and Enterprise Edition could allow a remote authenticated attacker to bypass security restrictions. By sending a specially crafted request, an attacker could exploit this vulnerability to ban group members.
CVE-2024-6385 CVSS:9.6
GitLab Community Edition and Enterprise Edition could allow a remote authenticated attacker to bypass security restrictions. By sending a specially crafted request, an attacker could exploit this vulnerability to run pipeline jobs as an arbitrary user.
CVE-2024-5257 CVSS:4.9
GitLab Community Edition and Enterprise Edition could allow a remote authenticated attacker to bypass security restrictions. By sending a specially crafted request, an attacker could exploit this vulnerability to change the group URL.
CVE-2024-6595 CVSS:3
GitLab Community Edition and Enterprise Edition could allow a remote authenticated attacker to bypass security restrictions. By sending a specially crafted request, an attacker could exploit this vulnerability to upload an NPM package with conflicting package data.
CVE-2024-5528 CVSS:3.5
GitLab Community Edition and Enterprise Edition could allow a remote authenticated attacker to bypass security restrictions. By sending a specially crafted request, an attacker could exploit this vulnerability to perform a subdomain takeover in GitLab Pages.
Impact
- Security Bypass
Indicators of Compromise
CVE
- CVE-2024-5470
- CVE-2024-2880
- CVE-2024-6385
- CVE-2024-5257
- CVE-2024-6595
- CVE-2024-5528
Affected Vendors
- GitLab
Affected Products
- GitLab Community Edition 17.1.1
- GitLab Community Edition 17.0.3
- GitLab Community Edition 16.11.5
- GitLab Enterprise Edition 16.11.5
- GitLab Enterprise Edition 17.1.1
- GitLab Enterprise Edition 17.0.3
Remediation
Upgrade to the latest version of GitLab, available from the GitLab Website.