CVE-2024-8974

Source
https://nvd.nist.gov/vuln/detail/CVE-2024-8974
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-8974.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-8974
Aliases
Related
Published
2024-09-26T23:15:03Z
Modified
2024-10-07T23:30:58Z
Severity
  • 4.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N CVSS Calculator
Summary
[none]
Details

Information disclosure in Gitlab EE/CE affecting all versions from 15.6 prior to 17.2.8, 17.3 prior to 17.3.4, and 17.4 prior to 17.4.1 in specific conditions it was possible to disclose to an unauthorised user the path of a private project."

References

Affected packages

Git / gitlab.com/gitlab-org/gitlab

Affected ranges

Type
GIT
Repo
https://gitlab.com/gitlab-org/gitlab
Events