CVE-2024-9387

Published

Last updated

NVD

https://nvd.nist.gov/vuln/detail/CVE-2024-9387

Severity

Unknown

Description

An issue was discovered in GitLab CE/EE affecting all versions from 11.8 before 17.4.6, 17.5 before 17.5.4, and 17.6 before 17.6.2. An attacker could potentially perform an open redirect against a given releases API endpoint.

References

https://images.chainguard.dev/security/CGA-79c5-5747-rrhp
https://github.com/advisories/GHSA-v6xp-h7ww-6xqf
https://images.chainguard.dev/security/CGA-qrfm-qrgj-cf4r
https://images.chainguard.dev/security/CGA-r9w2-gx4c-9x3p
https://images.chainguard.dev/security/CGA-62qq-g64w-jmpx
https://images.chainguard.dev/security/CGA-g7xx-2j79-4qxg
https://images.chainguard.dev/security/CGA-5gfc-wh46-v5wm
https://images.chainguard.dev/security/CGA-8q6j-jm53-g9g8
https://images.chainguard.dev/security/CGA-p8c9-jvjw-8c2j
https://images.chainguard.dev/security/CGA-2qv6-5j4c-3486
https://images.chainguard.dev/security/CGA-mgj5-r6gv-hh92
https://images.chainguard.dev/security/CGA-m747-p8vg-gf9p
https://images.chainguard.dev/security/CGA-c4vg-69gf-ph24
https://images.chainguard.dev/security/CGA-276m-34cv-cqg5
https://images.chainguard.dev/security/CGA-pg3c-2wxg-wp87
https://images.chainguard.dev/security/CGA-65f6-36p7-3qc9
https://images.chainguard.dev/security/CGA-56hp-863v-x4j7
https://images.chainguard.dev/security/CGA-6944-36pr-676p
https://images.chainguard.dev/security/CGA-5x6x-vqxp-pj2c
https://images.chainguard.dev/security/CGA-v36p-r969-qq8g
https://images.chainguard.dev/security/CGA-mr78-6cqj-hghg
https://images.chainguard.dev/security/CGA-cf9g-f3xv-6jw9
https://images.chainguard.dev/security/CGA-6v29-rr8x-9jhc
https://images.chainguard.dev/security/CGA-8c4x-4x7h-x75r
https://images.chainguard.dev/security/CGA-hjmq-8jf8-3vr5
https://images.chainguard.dev/security/CGA-rhfw-vcmv-cqff
https://images.chainguard.dev/security/CGA-w6cv-6mf2-p667
https://images.chainguard.dev/security/CGA-mg25-7x3j-rjh6
https://images.chainguard.dev/security/CGA-4vm2-mv54-xw93
https://images.chainguard.dev/security/CGA-jfjv-xmqv-63f7
https://images.chainguard.dev/security/CGA-p569-hfw6-fcrm
https://images.chainguard.dev/security/CGA-64wp-xqxj-7xr9
https://images.chainguard.dev/security/CGA-58p4-h33r-crh4
https://images.chainguard.dev/security/CGA-79fr-pxqh-788w
https://images.chainguard.dev/security/CGA-cp8w-cfr5-hr4x
https://images.chainguard.dev/security/CGA-jh4r-83g6-9rgh
https://images.chainguard.dev/security/CGA-jfv9-v4w3-f86g
https://images.chainguard.dev/security/CGA-xp4h-wf6v-w5fr
https://images.chainguard.dev/security/CGA-fgp2-wxhg-hhc7
https://images.chainguard.dev/security/CGA-4cvg-947w-6vh5
https://images.chainguard.dev/security/CGA-3ff2-gjfj-gjm5
https://images.chainguard.dev/security/CGA-43w7-3xqc-63q8
https://images.chainguard.dev/security/CGA-grfg-5gcm-qw5v
https://images.chainguard.dev/security/CGA-qf2c-3x7g-rr77
https://images.chainguard.dev/security/CGA-46gh-43m9-vrw9
https://images.chainguard.dev/security/CGA-c4mj-c5hm-h99v
https://images.chainguard.dev/security/CGA-6388-5g77-9xpj
https://gitlab.com/gitlab-org/gitlab/-/issues/496659
https://hackerone.com/reports/2732235

Affected packages

Advisories are based on vulnerability information provided by Grype from Anchore. Learn how Chainguard creates security advisories.

Safe Source for Open Source™

Media Kit Contact Us

Private Policy

CVE-2024-9387

Severity

Description

References

Affected packages

Products

Why Chainguard

Customers

Company

Resources