GitLab 中的授权不正确(CVE-2024-11669)
CVE编号
CVE-2024-11669
利用情况
暂无
补丁情况
N/A
披露时间
2024-11-27
漏洞描述
An issue was discovered in GitLab CE/EE affecting all versions from 16.9.8 before 17.4.5, 17.5 before 17.5.3, and 17.6 before 17.6.1. Certain API endpoints could potentially allow unauthorized access to sensitive data due to overly broad application of token scopes.
解决建议
建议您更新当前系统或软件至最新版,完成漏洞的修复。
文章评论