CVE-2024-3303

MEDIUM Year: 2024
CVSS v3 Score
6.4
Medium
Weakness Type
NVD-CWE-Other
View all →

Vulnerability Description

An issue was discovered in GitLab EE affecting all versions starting from 16.0 prior to 17.6.5, starting from 17.7 prior to 17.7.4, and starting from 17.8 prior to 17.8.2, which allows an attacker to exfiltrate contents of a private issue using prompt injection.

Related Vulnerabilities

CVE-2016-3115

MEDIUM
CVSS:6.4(Medium)

Multiple CRLF injection vulnerabilities in session.c in sshd in OpenSSH before 7.2p2 allow remote authenticated users to bypass intended shell-command restrictions via crafted X11 forwarding data, rel...

NVD-CWE-Other2016

CVE-2016-3116

MEDIUM
CVSS:6.4(Medium)

CRLF injection vulnerability in Dropbear SSH before 2016.72 allows remote authenticated users to bypass intended shell-command restrictions via crafted X11 forwarding data.

NVD-CWE-Other2016

CVE-2016-3420

MEDIUM
CVSS:6.4(Medium)

Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.1.1, 9.3.1.2, 9.3.2, and 9.3.3 allows remote authenticated users to affect confidentiality and int...

NVD-CWE-Other2016

CVE-2016-3431

MEDIUM
CVSS:6.4(Medium)

Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.1.1, 9.3.1.2, 9.3.2, and 9.3.3 allows remote authenticated users to affect confidentiality and int...

NVD-CWE-Other2016

CVE-2016-3572

MEDIUM
CVSS:6.4(Medium)

Unspecified vulnerability in the Primavera P6 Enterprise Project Portfolio Management component in Oracle Primavera Products Suite 8.3, 8.4, 15.1, 15.2, and 16.1 allows remote authenticated users to a...

NVD-CWE-Other2016

CVE-2016-5454

MEDIUM
CVSS:6.4(Medium)

Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect integrity and availability via vectors related to Verified Boot.

NVD-CWE-Other2016