GitLab 中的会话到期时间不足(CVE-2024-11668)
CVE编号
CVE-2024-11668
利用情况
暂无
补丁情况
N/A
披露时间
2024-11-27
漏洞描述
An issue has been discovered in GitLab CE/EE affecting all versions from 16.11 before 17.4.5, 17.5 before 17.5.3, and 17.6 before 17.6.1. Long-lived connections could potentially bypass authentication controls, allowing unauthorized access to streaming results.
解决建议
建议您更新当前系统或软件至最新版,完成漏洞的修复。
文章评论