Summary
Security updates have been released that resolve 14 vulnerabilities, including one of ‘critical’ and three of ‘high’ severity, in GitLab Community Edition (CE) and Enterprise Edition (EE).
Risk
Estimated impact of the vulnerability on the reference community: HIGH/ORANGE (66.15/100)¹.
Type
- Data Manipulation
- Information Disclosure
- Information Leakage
- Security Restrictions Bypass
Affected products and/or versions
GitLab Community Edition (CE) and Enterprise Edition (EE)
Mitigation actions
In line with vendor statements, it is recommended that GitLab products be upgraded to the latest version available.
Unique Vulnerability Identifiers
Only vulnerabilities with “critical” and “high” severity are listed below:
References
https://about.gitlab.com/releases/2024/06/26/patch-release-gitlab-17-1-1-released
¹ This estimate takes several parameters into account, including: CVSS, availability of patches/workarounds and PoCs, and prevalence of the affected software/devices in the reference community.