In GitLab CE/EE versions from 8.12 before 17.4.5, 17.5 before 17.5.3, and 17.6 before 17.6.1, a high-severity vulnerability, CVE-2024-8114, was detected. This vulnerability allows an attacker with access to a victim’s Personal Access Token (PAT) to escalate privileges. To address this issue, users must upgrade to GitLab CE/EE version 17.4.5, 17.5.3, 17.6.1, or later. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2024-8114.
GitLab: Privilege Escalation via Personal Access Token (PAT)
by the Hossted team
28.11.2024
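To triage an instance inventory against the affected ranges stated above, the following added example (not GitLab's or Hossted's code) classifies version strings and reports the upgrade target for each affected host. The host names and inventory are constructed, and treating `-pre`/`-rc` builds of a fixed version as still affected is a conservative assumption of this example.

```python
import re

# Affected ranges as stated in the advisory: (first affected, first fixed).
AFFECTED = [((8, 12, 0), (17, 4, 5)),
            ((17, 5, 0), (17, 5, 3)),
            ((17, 6, 0), (17, 6, 1))]
# Assumption: a pre-release build of a fixed version predates the fix.
PRERELEASE = re.compile(r"-(?:pre|rc\d*)\b")

def parse_version(text):
    """Parse 'X.Y' or 'X.Y.Z', ignoring a leading 'v' and suffixes like '-ee'."""
    m = re.match(r"\s*v?(\d+)\.(\d+)(?:\.(\d+))?", text)
    if not m:
        raise ValueError(f"not a GitLab version: {text!r}")
    return tuple(int(part or 0) for part in m.groups())

def classify(text):
    """Return (affected, upgrade_target) for one version string."""
    v = parse_version(text)
    pre = bool(PRERELEASE.search(text))
    for low, fixed in AFFECTED:
        if low <= v < fixed or (pre and v == fixed):
            return True, ".".join(map(str, fixed))
    return False, None

def triage(inventory):
    """Map each affected host to the first fixed version in its range."""
    result = {}
    for host, version in inventory.items():
        affected, target = classify(version)
        if affected:
            result[host] = target
    return result

# Constructed sample inventory (hypothetical hosts and versions).
INVENTORY = {
    "gitlab-a.example": "17.4.4-ee",   # below 17.4.5
    "gitlab-b.example": "17.4.5-ee",   # fixed
    "gitlab-c.example": "17.6.1-pre",  # pre-release of the fix
    "gitlab-d.example": "8.11.9",      # older than the first affected release
    "gitlab-e.example": "17.7.0",      # later than all fixed releases
}

if __name__ == "__main__":
    for host, target in triage(INVENTORY).items():
        print(f"{host}: affected by CVE-2024-8114, upgrade to {target} or later")
```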