VYPR
Medium severity4.0NVD Advisory· Published Dec 12, 2024· Updated Jun 17, 2026

CVE-2024-12292

CVE-2024-12292

Description

An issue was discovered in GitLab CE/EE affecting all versions starting from 11.0 prior to 17.4.6, starting from 17.5 prior to 17.5.4, and starting from 17.6 prior to 17.6.2, where sensitive information passed in GraphQL mutations may have been retained in GraphQL logs.

Affected products

10

Patches

Vulnerability mechanics

References

1

News mentions

1