Lucene search
GoogleOSV:CVE-2024-5655HistoryJun 27, 2024 - 12:15 a.m.
CVE-2024-5655
2024-06-2700:15:12
Google
osv.dev
4
gitlab
security issue
unauthorized access
software vulnerability
CVSS3
9.6
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N
AI Score
6.3
Confidence
Low
An issue was discovered in GitLab CE/EE affecting all versions starting from 15.8 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, which allows an attacker to trigger a pipeline as another user under certain circumstances.
Related
cvelist
cvelist
CVE-2024-5655 Improper Access Control in GitLab
2024-06-26 23:30:55
nessus
nessus
GitLab 15.8 < 16.11.5 / 17.0 < 17.0.3 / 17.1 < 17.1.1 (CVE-2024-5655)
2024-06-27 00:00:00
FreeBSD : Gitlab -- Vulnerabilities (589de937-343f-11ef-8a7b-001b217b3468)
2024-06-27 00:00:00
ubuntucve
ubuntucve
CVE-2024-5655
2024-06-27 00:00:00
vulnrichment
vulnrichment
CVE-2024-5655 Improper Access Control in GitLab
2024-06-26 23:30:55
cve
cve
CVE-2024-5655
2024-06-27 00:15:12
debiancve
debiancve
CVE-2024-5655
2024-06-27 00:15:12
osv
osv
BIT-gitlab-2024-5655
2024-06-28 07:19:05
UBUNTU-CVE-2024-5655
2024-06-27 00:15:00
nvd
nvd
CVE-2024-5655
2024-06-27 00:15:12
wallarmlab
wallarmlab
thn
thn
Urgent: GitLab Patches Critical Flaw Allowing Unauthorized Pipeline Job Execution
2024-09-12 15:55:00
GitLab Patches Critical Flaw Allowing Unauthorized Pipeline Jobs
2024-07-11 03:51:00
freebsd
freebsd
Gitlab -- Vulnerabilities
2024-06-26 00:00:00
CVSS3
9.6
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N
AI Score
6.3
Confidence
Low
Related for OSV:CVE-2024-5655