CVE-2024-8641 - GitLab CE/EE CI Job Token Session Token Exposure

2 months ago 31
ARTICLE AD BOX
CVE ID : CVE-2024-8641
Published : Sept. 12, 2024, 7:15 p.m. | 24 minutes ago
Description : An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.7 prior to 17.1.7, from 17.2 prior to 17.2.5, and from 17.3 prior to 17.3.2. It may have been possible for an attacker with a victim's CI_JOB_TOKEN to obtain a GitLab session token belonging to the victim.
Severity: 6.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
Read Entire Article