vulnerability

FreeBSD: VID-cc1ac01e-86b0-11ef-9369-2cf05da270f3 (CVE-2024-9596): Gitlab -- vulnerabilities

Try Surface Command

Back to search

Severity

CVSS

(AV:N/AC:M/Au:N/C:P/I:N/A:N)

Published

Oct 10, 2024

Added

Oct 11, 2024

Modified

Mar 25, 2026

Description

Gitlab reports: Run pipelines on arbitrary branches An attacker can impersonate arbitrary user SSRF in Analytics Dashboard Viewing diffs of MR with conflicts can be slow HTMLi in OAuth page Deploy Keys can push changes to an archived repository Guests can disclose project templates GitLab instance version disclosed to unauthorized users

Solutions

freebsd-upgrade-package-gitlab-cefreebsd-upgrade-package-gitlab-ee

References

CVE-2024-9596
https://attackerkb.com/topics/CVE-2024-9596
CWE-540
EUVD-EUVD-2024-50047
https://euvd.enisa.europa.eu/vulnerability/EUVD-2024-50047

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report