BIT-gitlab-2024-10240
See a problem?- Import Source
- https://github.com/bitnami/vulndb/tree/main/data/gitlab/BIT-gitlab-2024-10240.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/BIT-gitlab-2024-10240
- Aliases
-
- CVE-2024-10240
- Published
- 2024-11-28T19:22:10.536Z
- Modified
- 2024-11-28T19:57:38.299434Z
- Summary
- [none]
- Details
-
An issue has been discovered in GitLab EE affecting all versions starting from 17.3 before 17.3.7, all versions starting from 17.4 before 17.4.4, all versions starting from 17.5 before 17.5.2 in which an unauthenticated user may be able to read some information about an MR in a private project, under certain circumstances.
- Database specific
{ "cpes": [ "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*" ], "severity": "Medium" }- References
Affected packages
Bitnami / gitlab
Package
- Name
- gitlab
- Purl
- pkg:bitnami/gitlab
Severity
- 5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVSS Calculator