CVE-2024-9773

CVSS v3 Score
3.7
Low

Vulnerability Description

An issue was discovered in GitLab EE affecting all versions starting from 14.9 before 17.8.6, all versions starting from 17.9 before 17.8.3, all versions starting from 17.10 before 17.10.1. An input validation issue in the Harbor registry integration could have allowed a maintainer to add malicious code to the CLI commands shown in the UI.

CVSS: 3.7 (Low)

In KDE Trojita 0.7, man-in-the-middle attackers can create new folders because untagged responses from an IMAP server are accepted before STARTTLS.

CWE-77 2021
CVSS: 3.7 (Low)

An issue was discovered in GitLab EE affecting all versions starting from 17.2 before 17.7.7, all versions starting from 17.8 before 17.8.5, all versions starting from 17.9 before 17.9.2. An input val...

CWE-77 2024
CVSS: 3.8 (Low)

Tenda AC500 V2.0.1.9(1307) firmware contains a command injection vulnerability in the formexeCommand function via the cmdinput parameter.

CWE-77 2024
CVSS: 3.8 (Low)

TOTOLINK outdoor CPE CP450 v4.1.0cu.747_B20191224 was discovered to contain a command injection vulnerability in the NTPSyncWithHost function via the hostTime parameter.

CWE-77 2024
CVSS: 3.5 (Low)

sshproxy is used on a gateway to transparently proxy a user SSH connection on the gateway to an internal host via SSH. Prior to version 1.6.3, any user authorized to connect to a ssh server using `ssh...

CWE-77 2024
CVSS: 3.5 (Low)

Multiple bash files were present in the application's private directory. Bash files can be used on their own, by an attacker that has already full access to the mobile platform to compromise the trans...

CWE-77 2024