Vulnerability Database

289,784

Total vulnerabilities in the database

CVE-2024-4784

An issue was discovered in GitLab EE starting from version 16.7 before 17.0.6, version 17.1 before 17.1.4 and 17.2 before 17.2.2 that allowed bypassing the password re-entry requirement to approve a policy.

  • Published: Aug 8, 2024
  • Updated: Aug 24, 2024
  • CVE: CVE-2024-4784
  • Severity: Medium
  • Exploit:

CVSS v3:

  • Severity: Medium
  • Score: 5.4
  • AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

CWEs:

OWASP TOP 10:

Software From Fixed in
gitlab / gitlab 17.2.0 17.2.2
gitlab / gitlab 17.1.0 17.1.4
gitlab / gitlab 16.7.0 17.0.6