CVE-2024-7057
CVSS 3.1 Score 4.3 of 10 (medium)
Details
Published Jul 25, 2024
CWE ID 284
Summary
CVE-2024-7057 is an information disclosure vulnerability affecting multiple versions of GitLab CE/EE. Users without the appropriate authorization level can access job artifacts in versions 16.7 to 17.0.5, 17.1 to 17.1.3, and 17.2 to 17.2.1. This issue may expose sensitive data, posing a risk to security and privacy. Organizations using these versions should upgrade to the patched releases to mitigate this vulnerability.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- GitLab
Affected Vendors
- GitLab Inc.