vulnerability
FreeBSD: VID-cc1ac01e-86b0-11ef-9369-2cf05da270f3 (CVE-2024-9596): Gitlab -- vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:M/Au:N/C:P/I:N/A:N) | Oct 10, 2024 | Oct 11, 2024 | Mar 25, 2026 |
Severity
4
CVSS
(AV:N/AC:M/Au:N/C:P/I:N/A:N)
Published
Oct 10, 2024
Added
Oct 11, 2024
Modified
Mar 25, 2026
Description
Gitlab reports: Run pipelines on arbitrary branches An attacker can impersonate arbitrary user SSRF in Analytics Dashboard Viewing diffs of MR with conflicts can be slow HTMLi in OAuth page Deploy Keys can push changes to an archived repository Guests can disclose project templates GitLab instance version disclosed to unauthorized users
Solutions
freebsd-upgrade-package-gitlab-cefreebsd-upgrade-package-gitlab-ee
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.