Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2024-8974

Information disclosure in Gitlab EE/CE affecting all versions from 15.6 prior to 17.2.8, 17.3 prior to 17.3.4, and 17.4 prior to 17.4.1 in specific conditions it was possible to disclose to an unauthorised user the path of a private project."

  • Published: Sep 27, 2024
  • Updated: May 4, 2025
  • CVE: CVE-2024-8974
  • Severity: Low
  • Exploit:

CVSS v3:

  • Severity: Low
  • Score: 4.3
  • AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CWEs:

Software From Fixed in
gitlab / gitlab 17.3.0 17.3.4
gitlab / gitlab 17.4.0 17.4.0.x
gitlab / gitlab 15.6.0 17.2.8