Update 20250110001

Applied templated layout
wagov · Jan 10, 2025 · 58b6ff1 · 58b6ff1
1 parent 77ce498
commit 58b6ff1
Showing 1 changed file with 9 additions and 17 deletions.
diff --git a/docs/advisories/20250110001-GitLab-Critical-Updates-Advisory.md b/docs/advisories/20250110001-GitLab-Critical-Updates-Advisory.md
@@ -1,26 +1,18 @@
-# GitLab Releases Critical Updates Advisory - 20250110001
+# GitLab Releases Critical Updates - 20250110001
 
 ## Overview
 
-GitLab has released patches for crtical vulnerabilities discovered in GitLab CE/EE, which allows an attacker trigger a pipeline as another user under certain circumstances.
-
-## What is the vulnerability?
-
-| CVE                                                             | Severity     | CVSS |
-| --------------------------------------------------------------- | ------------ | ---- |
-| [CVE-2024-5655](https://nvd.nist.gov/vuln/detail/CVE-2024-5655) | **Critical** | 9.6  |
-| [CVE-2024-6385](https://nvd.nist.gov/vuln/detail/CVE-2024-6385) | **Critical** | 9.6  |
-| [CVE-2024-6678](https://nvd.nist.gov/vuln/detail/CVE-2024-6678) | **Critical** | 9.9  |
-| [CVE-2024-8970](https://nvd.nist.gov/vuln/detail/CVE-2024-8970) | **High**     | 8.2  |
+GitLab has released critical updates for their GitLab Community Edition(CE) and GitLab Enterprise Edition (EE) products. Successful exploitation could allow an attacker trigger a pipeline as another user under certain circumstances.
 
 ## What is vulnerable?
 
-| Product(s) Affected |                                   |
-| ------------------- | --------------------------------- |
-| GitLab CE/EE        | **versions from** 8.14 to 17.1.7  |
-| GitLab CE/EE        | **versions from** 17.2 to 17.2.9  |
-| GitLab CE/EE        | **versions from** 17.3 to 17.3.5  |
-| GitLab CE/EE        | **versions from** 17.4 to 17.4.2  |
+| Product(s) Affected | Versions(s) | CVE  | Severity     | CVSS |
+| ------------------- | ----------- | ---- | ------------ | ---- |
+| GitLab CE/EE | - 15.8 < 16.11.5 <br> - 17.6 < 17.6.3 <br> - 17.7 < 17.7.1 | [CVE-2024-5655](https://nvd.nist.gov/vuln/detail/CVE-2024-5655) | 9.6  | **Critical** |
+| GitLab CE/EE | - 15.8 < 16.11.6 <br> - 17.0 < 17.0.4 <br> - 17.1 < 17.1.2 | [CVE-2024-6385](https://nvd.nist.gov/vuln/detail/CVE-2024-6385) | 9.6  | **Critical** |
+| GitLab CE/EE | - 8.14 < 17.1.7 <br> - 17.2 < 17.2.5 <br> - 17.3 < 17.3.2  | [CVE-2024-6678](https://nvd.nist.gov/vuln/detail/CVE-2024-6678) | 9.9  | **Critical** |
+| GitLab CE/EE | - 11.6 < 17.2.9 <br> - 17.3 < 17.3.5 <br> - 17.4 < 17.4.2  | [CVE-2024-8970](https://nvd.nist.gov/vuln/detail/CVE-2024-8970) | 8.2  | High |
+
 
 ## Recommendation