CVE-2024-10043
CVSS 3.1 Score 3.1 of 10 (low)
Details
Published Dec 12, 2024
CWE ID 863
Summary
CVE-2024-10043 is a vulnerability impacting GitLab Enterprise Edition (EE). Affected versions include those starting from 14.3 before 17.4.6, 17.5 before 17.5.4, and 17.6 before 17.6.2. This issue permits group users to access confidential incident titles via the Wiki History Diff feature, increasing the risk of information disclosure. This vulnerability could potentially compromise sensitive data within an organization. It is essential for GitLab EE users to upgrade their systems to the latest patched version to mitigate this exposure.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- GitLab
Affected Vendors
- GitLab Inc.