Security Advisory

CVE-2024-9633

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-11-14 13:30:57

Last updated 2024-12-06 10:34:30

Assigner GitLab

State PUBLISHED

Description

An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.3 before 17.4.2, all versions starting from 17.5 before 17.5.4, all versions starting from 17.6 before 17.6.2. This issue allows an attacker to create a group with a name matching an existing unique Pages domain, potentially leading to domain confusion attacks.

← Browse all CVEs View on cve.org ↗