CVE-2024-3035

NVD Published Date: August 08, 2024 at 11:15 AM
NVD Last Modified: August 29, 2024 at 03:55 PM
Download Patch
Vulnerability ID
CVE-2024-3035
Severity
HIGH
Severity Score
8.1
Summary
A permission check vulnerability in GitLab CE/EE affecting all versions starting from 8.12 prior to 17.0.6, 17.1 prior to 17.1.4, and 17.2 prior to 17.2.2 allowed for LFS tokens to read and write to the user owned repositories.
Mitigation and Patches
-
Exploits
-
Metasploit Payload
-
Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
CWE ID
CWE-639

Recent Publish

CVE-2024-3958

CVE-2024-5423

CVE-2024-4207

CVE-2024-2800

CVE-2024-3114

CVE-2024-7348

See SecOps Solution
in action

Schedule Demo