CVE-2024-11129

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2024-11129

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-11129.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2024-11129

Aliases

BIT-gitlab-2024-11129

Published

2025-04-10T13:15:43Z

Modified

2025-04-12T08:42:10.803603Z

Summary

[none]

Details

An issue has been discovered in GitLab EE affecting all versions from 17.1 before 17.8.7, 17.9 before 17.9.6, and 17.10 before 17.10.4. This allows attackers to perform targeted searches with sensitive keywords to get the count of issues containing the searched term."

References

https://gitlab.com/gitlab-org/gitlab/-/issues/503722
https://hackerone.com/reports/2717400

Affected packages

Git / gitlab.com/gitlab-org/gitlab

Affected ranges

Type: GIT
Repo: https://gitlab.com/gitlab-org/gitlab
Events: Introduced

b7514f9c21c09a9ed2b258f5cfdd56c88f43864a

Fixed

ffdf832af0a7b3bf4eb1a6d4d4fe4cd67f902e1f