An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.7 before 16.9.6, all versions starting from 16.10 before 16.10.4, all versions starting from 16.11 before 16.11.1 where personal access scopes were not honored by GraphQL subscriptions
History

Thu, 12 Dec 2024 17:30:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*
cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*
cpe:2.3:a:gitlab:gitlab:16.11.0:*:*:*:community:*:*:*
cpe:2.3:a:gitlab:gitlab:16.11.0:*:*:*:enterprise:*:*:*

Thu, 29 Aug 2024 15:15:00 +0000

Type Values Removed Values Added
First Time appeared Gitlab
Gitlab gitlab
CPEs cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
Vendors & Products Gitlab
Gitlab gitlab

cve-icon MITRE

Status: PUBLISHED

Assigner: GitLab

Published: 2024-04-25T13:30:36.721Z

Updated: 2024-09-17T15:48:59.440Z

Reserved: 2024-04-19T17:02:07.129Z

Link: CVE-2024-4006

cve-icon Vulnrichment

Updated: 2024-08-01T20:26:57.281Z

cve-icon NVD

Status : Analyzed

Published: 2024-04-25T14:15:09.667

Modified: 2024-12-12T17:10:26.743

Link: CVE-2024-4006

cve-icon Redhat

No data.