High Published: Dec 05, 2025

CVE-2024-9183

7.7 CVSS SCORE

Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:N

Description

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.4 prior to 18.4.5, 18.5 prior to 18.5.3, and 18.6 prior to 18.6.1 that could have allowed an authenticated user to obtain credentials from higher-privileged users and perform actions in their context under specific conditions.

CVSS Vector Details

Attack Vector Network

Attack Complexity High

Privileges Required Low

User Interaction Required

Scope Changed

Confidentiality High

Integrity High

Availability None

Weaknesses (CWE)

CWE-367

References & External Links

https://gitlab.com/gitlab-org/gitlab/-/issues/494478
https://hackerone.com/reports/2707421

External Resources

NVD Official Record Exploit-DB Search Exploits CVE Details Statistics GitHub PoC / Tools X / Twitter Discussions Google Search More

← Back to CVE Tracker