• caglararli@hotmail.com
  • 05386281520

CVE-2024-8635 | GitLab Enterprise Edition up to 17.1.6/17.2.4/17.3.1 Maven Dependency Proxy URL server-side request forgery (Issue 455273)

Çağlar Arlı      -    10 Views

CVE-2024-8635 | GitLab Enterprise Edition up to 17.1.6/17.2.4/17.3.1 Maven Dependency Proxy URL server-side request forgery (Issue 455273)

A vulnerability was found in GitLab Enterprise Edition up to 17.1.6/17.2.4/17.3.1. It has been rated as critical. Affected by this issue is some unknown functionality of the component Maven Dependency Proxy URL Handler. The manipulation leads to server-side request forgery. This vulnerability is handled as CVE-2024-8635. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.