CVE-2024-3958

CVSS 3.1 Score 8.1 of 10 (high)

Details

Published Aug 8, 2024
Updated: Aug 29, 2024
CWE ID 798
CWE ID 259

Summary

CVE-2024-3958: A vulnerability has been identified in GitLab CE/EE affecting versions before 17.0.6, 17.1 prior to 17.1.4, and 17.2 prior to 17.2.2. This issue permits an attacker to exploit a disparity between the Web application representation and the git command line interface to deceive victims into cloning untrusted code. This social engineering attack can potentially lead to security breaches and data exposure. Organizations using these GitLab versions are advised to update immediately to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share