CVE-2024-4006

gitlab-org/gitlab

on gitlab

Published

April 25, 2024

Severity

CVSS v3:

N/A

CVSS v2:

N/A

Description

An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.7 before 16.9.6, all versions starting from 16.10 before 16.10.4, all versions starting from 16.11 before 16.11.1 where personal access scopes were not honored by GraphQL subscriptions

References

https://gitlab.com/gitlab-org/gitlab/-/issues/455805

Configurations

CPE23	Version Start	Version End	Exact Version

External Links

NVD - CVE-2024-4006