CVE-2024-12619

MEDIUM Year: 2024
CVSS v3 Score
5.2
Medium
Weakness Type
CWE-1220
View all →

Vulnerability Description

An issue has been discovered in GitLab CE/EE affecting all versions from 16.0 before 17.8.6, 17.9 before 17.9.3, and 17.10 before 17.10.1, allowing internal users to gain unauthorized access to internal projects.

Related Vulnerabilities

CVE-2024-2412

MEDIUM
CVSS:5.3(Medium)

The disabling function of the user registration page for Heimavista Rpage and Epage is not properly implemented, allowing remote attackers to complete user registration on sites where user registratio...

CWE-12202024

CVE-2025-1278

MEDIUM
CVSS:5.3(Medium)

An issue has been discovered in GitLab CE/EE affecting all versions from 12.0 before 17.9.8, 17.10 before 17.10.6, and 17.11 before 17.11.2. Under certain conditions users could bypass IP access restr...

CWE-12202025

CVE-2025-2408

MEDIUM
CVSS:5.3(Medium)

An issue has been discovered in GitLab CE/EE affecting all versions from 13.12 before 17.8.7, 17.9 before 17.9.6, and 17.10 before 17.10.4. Under certain conditions users could bypass IP access restri...

CWE-12202025

CVE-2023-3227

MEDIUM
CVSS:5.4(Medium)

Insufficient Granularity of Access Control in GitHub repository fossbilling/fossbilling prior to 0.5.0.

CWE-12202023

CVE-2023-50713

MEDIUM
CVSS:5.0(Medium)

Speckle Server provides server, frontend, 3D viewer, and other JavaScript utilities for the Speckle 3D data platform. A vulnerability in versions prior to 2.17.6 affects users who: authorized an appli...

CWE-12202023

CVE-2024-6696

MEDIUM
CVSS:4.9(Medium)

The product implements access controls via a policy or other feature with the intention to disable or restrict accesses (reads and/or writes) to assets in a system from untrusted agents. However, impl...

CWE-12202024