CVE-2024-9163
LOWDescription
A business logic error in GitLab CE/EE affecting all versions starting from 12.1 prior to 17.10.7, 17.11 prior to 17.11.3 and 18.0 prior to 18.0.1 where an attacker can cause a branch name confusion in confidential MRs.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| gitlab | gitlab |
| gitlab | gitlab |
| gitlab | gitlab |
| gitlab | gitlab |
| gitlab | gitlab |
| gitlab | gitlab |
References
Frequently Asked Questions
What is CVE-2024-9163? +
How severe is CVE-2024-9163? +
What products are affected by CVE-2024-9163? +
How do I check if I'm vulnerable to CVE-2024-9163? +
Related Vulnerabilities
User Interface (UI) Misrepresentation of Critical Information vulnerability in DocuSeal allows Content Spoofing.Displayed version does not show the layer flattened …
User Interface (UI) Misrepresentation of Critical Information vulnerability in DropBox Sign(HelloSign) allows Content Spoofing. Displayed version does not show the …
User Interface (UI) Misrepresentation of Critical Information vulnerability in Documenso allows Content Spoofing.Displayed version does not show the layer flattened …
Focus incorrectly truncated URLs towards the beginning instead of around the origin. This vulnerability was fixed in Firefox 141.
HCL BigFix RunBookAI is affected by a Unvalidated Command Input / Potential Command Smuggling vulnerability. A flaw in a component's …
A bug in popup notifications delay calculation could have made it possible for an attacker to trick a user into …