Gitlab Web Ide Vscode Fork
Approved changes feed: RSS · Atom
cpe:2.3:a:gitlab:gitlab-web-ide-vscode-fork:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Gitlab (57573e99-56e6-5fad-895e-0ce7fffc5b90) |
|---|---|
| Product | Gitlab Web Ide Vscode Fork (f6228079-5f08-5ba7-a071-3bc74adb9ea6) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2024-10383 |
vulnerable | 2026-06-03 14:54:05.466707 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab VSCode Fork
HIGH (8.7)
An issue has been discovered in the gitlab-web-ide-vscode-fork component distributed over CDN affecting all versions prior to 1.89.1-1.0.0-dev-20241118094343and used by all versions of GitLab CE/EE starting from 15.11 prior to 17.3 and which also temporarily affected versions 17.4, 17.5 and 17.6, where a XSS attack was possible when loading .ipynb files in the web IDE
Published: 2025-02-07T14:12:41.757Z
Updated: 2025-02-12T15:17:24.562Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.