Summary
Security updates have been released that address 6 vulnerabilities, including one with “critical” severity, in GitLab Community Edition (CE) and Enterprise Edition (EE).
Risk
Estimated impact of the vulnerabilities on the reference community: HIGH/ORANGE (66.15/100)¹.
Type
- Data Manipulation
- Information Disclosure
- Security Restrictions Bypass
Affected products and/or versions
GitLab Community Edition (CE) and Enterprise Edition (EE).
Mitigation actions
In line with vendor statements, it is recommended to update GitLab products to the latest version available.
Unique vulnerability identifiers
Below are only the vulnerabilities with “critical” severity:
References
https://about.gitlab.com/releases/2024/07/10/patch-release-gitlab-17-1-2-released
¹ This estimate takes into account various parameters, including CVSS, the availability of patches/workarounds and PoCs, and the prevalence of the affected software/devices in the reference community.