vulnerability

FreeBSD: VID-24c88add-4a3e-11ef-86d7-001b217b3468 (CVE-2024-0231): Gitlab -- Vulnerabilities

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
3	(AV:N/AC:L/Au:M/C:N/I:P/A:N)	Jul 25, 2024	Jul 25, 2024	Mar 25, 2026

Severity

CVSS

(AV:N/AC:L/Au:M/C:N/I:P/A:N)

Published

Jul 25, 2024

Added

Jul 25, 2024

Modified

Mar 25, 2026

Description

Gitlab reports: XSS via the Maven Dependency Proxy Project level analytics settings leaked in DOM Reports can access and download job artifacts despite use of settings to prevent it Direct Transfer - Authorised project/group exports are accessible to other users Bypassing tag check and branch check through imports Project Import/Export - Make project/group export files hidden to everyone except user who initiated it

Solutions

freebsd-upgrade-package-gitlab-cefreebsd-upgrade-package-gitlab-ee

References

CVE-2024-0231
https://attackerkb.com/topics/CVE-2024-0231
CWE-99
CWE-74
EUVD-EUVD-2024-16029
https://euvd.enisa.europa.eu/vulnerability/EUVD-2024-16029

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report