NVD Vulnerability Detail

Search Exploit, PoC

Exploit DB

NVD脆弱性検索トップ

->

NVD Vulnerability Detail

CVE-2024-5005

Summary	An issue has been discovered discovered in GitLab EE/CE affecting all versions starting from 11.4 before 17.2.9, all versions starting from 17.3 before 17.3.5, all versions starting from 17.4 before 17.4.2 It was possible for guest users to disclose project templates using the API.
Publication Date	Oct. 11, 2024, 10:15 p.m.
Registration Date	Oct. 12, 2024, 5 a.m.
Last Update	Oct. 15, 2024, 9:58 p.m.

Related information, measures and tools

No	URL	refsource	タグ
1	https://gitlab.com/gitlab-org/gitlab/-/issues/462108
2	https://hackerone.com/reports/2501461

Common Vulnerabilities List

JVN Vulnerability Information

GitLab.org の GitLab における脆弱性

Title	GitLab.org の GitLab における脆弱性
Summary	GitLab.org の GitLab には、不特定の脆弱性が存在します。
Possible impacts	情報を取得される可能性があります。
Solution	参考情報を参照して適切な対策を実施してください。
Publication Date	Oct. 11, 2024, midnight
Registration Date	Dec. 13, 2024, 1:06 p.m.
Last Update	Dec. 13, 2024, 1:06 p.m.

Affected System

GitLab.org

GitLab 11.4.0 以上 17.2.9 未満

GitLab 17.3.0 以上 17.3.5 未満

GitLab 17.4.0 以上 17.4.2 未満

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2024-5005	https://www.cve.org/CVERecord?id=CVE-2024-5005
National Vulnerability Database (NVD)
2	CVE-2024-5005	https://nvd.nist.gov/vuln/detail/CVE-2024-5005

CWE (共通脆弱性タイプ一覧)

No	Name	URL
JVNDB
1	CWE-684	https://cwe.mitre.org/data/definitions/684.html
2	CWE-noinfo	https://www.ipa.go.jp/security/vuln/scap/cwe.html

その他

No	Name	URL
関連文書
1	gitlab.com (issues/462108)	https://gitlab.com/gitlab-org/gitlab/-/issues/462108

Change Log

No	Changed Details	Date of change
1	[2024年12月13日] 掲載	Dec. 13, 2024, 1:06 p.m.