CVE-2024-10240 | GitLab Enterprise Edition up to 17.3.6/17.4.3/17.5.1 Private Project exposure of sensitive system information to an unauthorized control sphere (Issue 493188)

Posted by Angelo Barbosa | Nov 27, 2024 | CVE

A vulnerability was found in GitLab Enterprise Edition up to 17.3.6/17.4.3/17.5.1 and classified as problematic. Affected by this issue is some unknown functionality of the component Private Project Handler. The manipulation leads to exposure of sensitive system information to an unauthorized control sphere.

This vulnerability is handled as CVE-2024-10240. The attack may be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-10240 | GitLab Enterprise Edition up to 17.3.6/17.4.3/17.5.1 Private Project exposure of sensitive system information to an unauthorized control sphere (Issue 493188)

Related Posts

CVE-2024-46489 | promptr 6.0.7 URL Privilege Escalation

CVE-2024-5274 | Google Chrome prior 125.0.6422.112 V8 type confusion

CVE-2024-0381 | WP Recipe Maker Plugin up to 9.1.0 on WordPress tag cross site scripting

CVE-2024-47971 | Solidigm D5-P5316/D7-P5520/D7-P5620 denial of service