An issue has been discovered discovered in GitLab EE/CE affecting all versions starting from 11.4 before 17.2.9, all versions starting from 17.3 before 17.3.5, all versions starting from 17.4 before 17.4.2 It was possible for guest users to disclose project templates using the API.
Metrics
Affected Vendors & Products
References
History
Thu, 12 Dec 2024 20:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | NVD-CWE-noinfo | |
CPEs | cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:* cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:* |
Fri, 11 Oct 2024 21:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Fri, 11 Oct 2024 11:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | An issue has been discovered discovered in GitLab EE/CE affecting all versions starting from 11.4 before 17.2.9, all versions starting from 17.3 before 17.3.5, all versions starting from 17.4 before 17.4.2 It was possible for guest users to disclose project templates using the API. | |
Title | Incorrect Provision of Specified Functionality in GitLab | |
First Time appeared |
Gitlab
Gitlab gitlab |
|
Weaknesses | CWE-684 | |
CPEs | cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:* | |
Vendors & Products |
Gitlab
Gitlab gitlab |
|
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: GitLab
Published: 2024-10-11T11:30:57.104Z
Updated: 2024-10-11T13:41:55.311Z
Reserved: 2024-05-16T14:02:33.104Z
Link: CVE-2024-5005
Vulnrichment
Updated: 2024-10-11T13:41:50.961Z
NVD
Status : Analyzed
Published: 2024-10-11T13:15:16.317
Modified: 2024-12-12T19:55:10.777
Link: CVE-2024-5005
Redhat
No data.