admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2024/CVE-2024-39xx/CVE-2024-3976.json
cad-safe-bot 03e4a37847 Auto-Update: 2025-02-16T03:00:21.640882+00:00
2025-02-16 03:03:51 +00:00

68 lines
2.3 KiB
JSON
Raw Blame History

{
"id": "CVE-2024-3976",
"sourceIdentifier": "cve@gitlab.com",
"published": "2025-02-05T12:15:27.627",
"lastModified": "2025-02-05T20:15:44.750",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue has been discovered in GitLab CE/EE affecting all versions starting from 14.0 prior to 16.9.7, starting from 16.10 prior to 16.10.5, and starting from 16.11 prior to 16.11.2. It was possible to disclose via the UI the confidential issues title and description from a public project to unauthorised instance users."
},
{
"lang": "es",
"value": "Se ha descubierto un problema en GitLab CE/EE que afecta a todas las versiones desde la 14.0 hasta la 16.9.7, desde la 16.10 hasta la 16.10.5 y desde la 16.11 hasta la 16.11.2. Era posible divulgar a trav\u00e9s de la interfaz de usuario el t\u00edtulo y la descripci\u00f3n de problemas confidenciales de un proyecto p\u00fablico a usuarios de instancias no autorizados."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@gitlab.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "cve@gitlab.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/457140",
"source": "cve@gitlab.com"
},
{
"url": "https://hackerone.com/reports/2470939",
"source": "cve@gitlab.com"
},
{
"url": "https://about.gitlab.com/releases/2024/05/08/patch-release-gitlab-16-11-2-released/",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}
Reference in New Issue View Git Blame Copy Permalink