DirectorySecurity Advisories
Sign In
Security Advisories

CVE-2024-11669

Published

Last updated

NVD

https://nvd.nist.gov/vuln/detail/CVE-2024-11669

CGA ID

CGA-4q8f-27vc-mg5h

Severity

7.5

High

CVSS V3

Description

An issue was discovered in GitLab CE/EE affecting all versions from 16.9.8 before 17.4.5, 17.5 before 17.5.3, and 17.6 before 17.6.1. Certain API endpoints could potentially allow unauthorized access to sensitive data due to overly broad application of token scopes.

References

  • https://images.chainguard.dev/security/CGA-4q8f-27vc-mg5h

Affected packages


Safe Source for Open Sourceâ„¢
Media KitContact Us
© 2024 Chainguard. All Rights Reserved.
Private PolicyTerms of Use

Product

Chainguard Images