CVE-2024-11129

{"id": "CVE-2024-11129", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "cve@gitlab.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 4.0, "exploitabilityScore": 1.8}]}, "published": "2025-04-10T13:15:43.993", "references": [{"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/503722", "source": "cve@gitlab.com"}, {"url": "https://hackerone.com/reports/2717400", "source": "cve@gitlab.com"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Primary", "source": "cve@gitlab.com", "description": [{"lang": "en", "value": "CWE-209"}]}], "descriptions": [{"lang": "en", "value": "An issue has been discovered in GitLab EE affecting all versions from 17.1 before 17.8.7, 17.9 before 17.9.6, and 17.10 before 17.10.4. This allows attackers to perform targeted searches with sensitive keywords to get the count of issues containing the searched term.\""}, {"lang": "es", "value": " Se ha descubierto un problema en GitLab EE que afecta a todas las versiones desde la 17.1 hasta la 17.8.7, la 17.9 hasta la 17.9.6 y la 17.10 hasta la 17.10.4. Esto permite a los atacantes realizar b\u00fasquedas espec\u00edficas con palabras clave sensibles para obtener el recuento de problemas que contienen el t\u00e9rmino buscado."}], "lastModified": "2025-04-11T15:39:52.920", "sourceIdentifier": "cve@gitlab.com"}