The vulnerability of the GraphQL Query Handler component of the software platform based on Git, which is used for collaborative code development in GitLab EE/CE, allows a perpetrator to access confidential information.

The vulnerability of the GraphQL Query Handler component in the Git-based software platform, which is used for collaborative code development in GitLab EE/CE, is related to the absence of authentication. Exploiting this vulnerability allows a malicious actor to gain access to confidential...

PT-2024-10310 · Gitlab · Gitlab Ce/Ee

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 16.9 through 17.4.5 GitLab CE/EE versions 17.5 through 17.5.3 GitLab CE/EE versions 17.6 through 17.6.1 Description: An issue has been discovered in GitLab CE/EE, where an unauthorized user can retrieve branch names by...