CVE-2024-6389

Published: 2024-09-12T17:15Z

Last Modified: 2024-11-21T09:49Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

An issue was discovered in GitLab-CE/EE affecting all versions starting with 17.0 before 17.1.7, 17.2 before 17.2.5, and 17.3 before 17.3.2. An attacker as a guest user was able to access commit information via the release Atom endpoint, contrary to permissions. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt