GitLab Product Security Update Advisory

Overview

We have released security updates to fix vulnerabilities in GitLab products. Users of affected products are advised to update to the latest version.

 

Affected Products

CVE-2024-9693

  • GitLab CE/EE versions: 16.0 (inclusive) to 17.3.7 (exclusive)
  • GitLab CE/EE versions: 17.4 (inclusive) to 17.4.4 (exclusive)
  • GitLab CE/EE versions: 17.5 (inclusive) to 17.5.2 (exclusive)

 

Resolved Vulnerabilities

 

Vulnerability that could allow unauthorized access to the Kubernetes agent in a cluster based on certain configurations (CVE-2024-9693)

 

 

Vulnerability Patches

Vulnerability patches have been made available in the latest updates. Please follow the instructions on the referenced sites to update to the latest patched version.

 

CVE-2024-9693

  • GitLab CE/EE version: 17.3.7
  • GitLab CE/EE version: 17.4.4
  • GitLab CE/EE version: 17.5.2
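
To check an inventory of GitLab instances against the ranges above, the following is an added example (not part of the original advisory or GitLab's own tooling). It compares versions numerically, so that 17.3.10 is not mistaken for being older than 17.3.7, and returns the fixed release listed for the matching range. The accepted version-string shapes (optional "v" prefix, "-ee"/"-ce" suffix) and the sample inventory are assumptions.

```python
import re

# Affected ranges for CVE-2024-9693 as listed in this advisory:
# (first affected version, inclusive), (first fixed version, exclusive).
AFFECTED_RANGES = [
    ((16, 0, 0), (17, 3, 7)),
    ((17, 4, 0), (17, 4, 4)),
    ((17, 5, 0), (17, 5, 2)),
]


def parse_version(text):
    """Parse 'MAJOR.MINOR[.PATCH]' into a tuple of ints.

    Assumption: an optional leading 'v' and a trailing '-ee' / '-ce'
    style suffix may be present and are ignored.
    """
    m = re.fullmatch(r"v?(\d+)\.(\d+)(?:\.(\d+))?(?:[-+].*)?", text.strip())
    if not m:
        raise ValueError(f"unrecognized GitLab version: {text!r}")
    # A missing patch component is treated as 0 (e.g. '17.4' -> 17.4.0).
    return tuple(int(part) if part else 0 for part in m.groups())


def fixed_version_for(text):
    """Return the fixed release for an affected version, or None if the
    version falls outside every range listed in the advisory."""
    version = parse_version(text)
    for first_affected, first_fixed in AFFECTED_RANGES:
        # Tuple comparison is numeric per component, unlike string comparison.
        if first_affected <= version < first_fixed:
            return ".".join(str(n) for n in first_fixed)
    return None


if __name__ == "__main__":
    # Constructed sample inventory, for illustration only.
    for v in ["15.11.13", "16.0.0", "17.3.6-ee", "17.3.10", "17.4.4", "17.5.1"]:
        fix = fixed_version_for(v)
        status = f"AFFECTED, update to {fix}" if fix else "not in an affected range"
        print(f"{v:12} {status}")
```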

 

 

References

 

[1] CVE-2024-9693 Detail

https://nvd.nist.gov/vuln/detail/CVE-2024-9693

[2] GitLab Patch Release: 17.5.2, 17.4.4, 17.3.7

https://about.gitlab.com/releases/2024/11/13/patch-release-gitlab-17-5-2-released/