CVE-2024-3958
CVSS 3.1 Score 8.1 of 10 (high)
Details
Published Aug 8, 2024
Updated: Aug 29, 2024
CWE ID 798
CWE ID 259
Summary
CVE-2024-3958: A vulnerability has been identified in GitLab CE/EE affecting versions before 17.0.6, 17.1 prior to 17.1.4, and 17.2 prior to 17.2.2. This issue permits an attacker to exploit a disparity between the Web application representation and the git command line interface to deceive victims into cloning untrusted code. This social engineering attack can potentially lead to security breaches and data exposure. Organizations using these GitLab versions are advised to update immediately to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share