CVE-2024-7554

Exposure of Sensitive Information to an Unauthorized Actor in GitLab

Description

An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.9 before 17.0.6, all versions starting from 17.1 before 17.1.4, all versions starting from 17.2 before 17.2.2. Under certain conditions, access tokens may have been logged when an API request was made in a specific manner.

INFO

Published Date :

2024-08-08T10:30:47.869Z

Last Modified :

2024-08-29T15:05:01.135Z

Source :

GitLab

AFFECTED PRODUCTS

The following products are affected by CVE-2024-7554 vulnerability.

Vendors	Products
Gitlab	Gitlab

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-7554.

URL	Resource
https://gitlab.com/gitlab-org/gitlab/-/issues/471555

CVSS Vulnerability Scoring System

V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact