CVE-2024-12619
MEDIUMGitLab CE/EE <17.8.6-17.10.1 - Privilege Escalation
Title source: llmDescription
An issue has been discovered in GitLab CE/EE affecting all versions from 16.0 before 17.8.6, 17.9 before 17.9.3, and 17.10 before 17.10.1, allowing internal users to gain unauthorized access to internal projects.
Scores
CVSS v3
5.2
EPSS
0.0006
EPSS Percentile
17.9%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:L/A:N
Classification
CWE
CWE-1220
Status
published
Affected Products (4)
gitlab/gitlab
< 17.8.6
gitlab/gitlab
< 17.8.6
gitlab/gitlab
gitlab/gitlab
Timeline
Published
Mar 28, 2025
Tracked Since
Feb 18, 2026