Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2024-11669

An issue was discovered in GitLab CE/EE affecting all versions from 16.9.8 before 17.4.5, 17.5 before 17.5.3, and 17.6 before 17.6.1. Certain API endpoints could potentially allow unauthorized access to sensitive data due to overly broad application of token scopes.

  • Published: Nov 26, 2024
  • Updated: May 4, 2025
  • CVE: CVE-2024-11669
  • Severity: High
  • Exploit:

CVSS v3:

  • Severity: High
  • Score: 7.5
  • AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

No CWE or OWASP classifications available.

Software From Fixed in
gitlab / gitlab 17.6.0 17.6.0.x
gitlab / gitlab 17.5.0 17.5.3
gitlab / gitlab 16.9.8 17.4.5