VYPR
Unrated severityNVD Advisory· Published Dec 16, 2024· Updated Dec 16, 2024

Incorrect Authorization in GitLab

CVE-2024-8116

Description

An issue has been discovered in GitLab CE/EE affecting all versions from 16.9 before 17.4.6, 17.5 before 17.5.4, and 17.6 before 17.6.2. By using a specific GraphQL query, under specific conditions an unauthorized user can retrieve branch names.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

10

Patches

Vulnerability mechanics

References

2

News mentions

1