Vulnerability Details CVE-2024-9183
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.4 prior to 18.4.5, 18.5 prior to 18.5.3, and 18.6 prior to 18.6.1 that could have allowed an authenticated user to obtain credentials from higher-privileged users and perform actions in their context under specific conditions.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 0.7%
CVSS Severity
CVSS v3 Score 7.7
References
Products affected by CVE-2024-9183
-
cpe:2.3:a:gitlab:gitlab:*
-
cpe:2.3:a:gitlab:gitlab:18.4.0
-
cpe:2.3:a:gitlab:gitlab:18.4.1
-
cpe:2.3:a:gitlab:gitlab:18.4.2
-
cpe:2.3:a:gitlab:gitlab:18.4.3
-
cpe:2.3:a:gitlab:gitlab:18.4.4
-
cpe:2.3:a:gitlab:gitlab:18.5.0
-
cpe:2.3:a:gitlab:gitlab:18.5.1
-
cpe:2.3:a:gitlab:gitlab:18.5.2