vulnerability

FreeBSD: VID-24c88add-4a3e-11ef-86d7-001b217b3468 (CVE-2024-7057): Gitlab -- Vulnerabilities

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:N/AC:L/Au:S/C:P/I:N/A:N)	Jul 25, 2024	Jul 25, 2024	Dec 10, 2025

Severity

CVSS

(AV:N/AC:L/Au:S/C:P/I:N/A:N)

Published

Jul 25, 2024

Added

Jul 25, 2024

Modified

Dec 10, 2025

Description

Gitlab reports: XSS via the Maven Dependency Proxy Project level analytics settings leaked in DOM Reports can access and download job artifacts despite use of settings to prevent it Direct Transfer - Authorised project/group exports are accessible to other users Bypassing tag check and branch check through imports Project Import/Export - Make project/group export files hidden to everyone except user who initiated it

Solutions

freebsd-upgrade-package-gitlab-cefreebsd-upgrade-package-gitlab-ee

References

CVE-2024-7057
https://attackerkb.com/topics/CVE-2024-7057
CWE-284

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today