GitLab 中缺少授权(CVE-2024-8114)
CVE编号
CVE-2024-8114
利用情况
暂无
补丁情况
N/A
披露时间
2024-11-27
漏洞描述
An issue has been discovered in GitLab CE/EE affecting all versions from 8.12 before 17.4.5, 17.5 before 17.5.3, and 17.6 before 17.6.1. This issue allows an attacker with access to a victim's Personal Access Token (PAT) to escalate privileges.
解决建议
建议您更新当前系统或软件至最新版,完成漏洞的修复。
文章评论