{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-18T06:08:27.417","vulnerabilities":[{"cve":{"id":"CVE-2024-11669","sourceIdentifier":"cve@gitlab.com","published":"2024-11-26T19:15:22.367","lastModified":"2024-12-12T21:11:00.737","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"An issue was discovered in GitLab CE/EE affecting all versions from 16.9.8 before 17.4.5, 17.5 before 17.5.3, and 17.6 before 17.6.1. Certain API endpoints could potentially allow unauthorized access to sensitive data due to overly broad application of token scopes."},{"lang":"es","value":"Se descubrió un problema en GitLab CE/EE que afectaba a todas las versiones desde la 16.9.8 hasta la 17.4.5, desde la 17.5 hasta la 17.5.3 y desde la 17.6 hasta la 17.6.1. Ciertos endpoints de API podrían permitir el acceso no autorizado a datos confidenciales debido a la aplicación demasiado amplia de los alcances de los tokens."}],"metrics":{"cvssMetricV31":[{"source":"cve@gitlab.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":1.2,"impactScore":5.2},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"cve@gitlab.com","type":"Secondary","description":[{"lang":"en","value":"CWE-863"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*","versionStartIncluding":"16.9.8","versionEndExcluding":"17.4.5","matchCriteriaId":"555160BC-DF24-4025-ACB6-4B79907F7094"},{"vulnerable":true,"criteria":"cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*","versionStartIncluding":"16.9.8","versionEndExcluding":"17.4.5","matchCriteriaId":"54A6B5EA-1A08-4D43-9C2B-CAC5DE109873"},{"vulnerable":true,"criteria":"cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*","versionStartIncluding":"17.5.0","versionEndExcluding":"17.5.3","matchCriteriaId":"5C1F85A0-709A-4C88-9C40-93D3C47AFD54"},{"vulnerable":true,"criteria":"cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*","versionStartIncluding":"17.5.0","versionEndExcluding":"17.5.3","matchCriteriaId":"305F5CB5-5B11-4AA7-ABAE-D4B9A05F6B4A"},{"vulnerable":true,"criteria":"cpe:2.3:a:gitlab:gitlab:17.6.0:*:*:*:community:*:*:*","matchCriteriaId":"3A39B04B-D109-467A-82E1-3FE6CBA48FEE"},{"vulnerable":true,"criteria":"cpe:2.3:a:gitlab:gitlab:17.6.0:*:*:*:enterprise:*:*:*","matchCriteriaId":"1212AE23-98AB-4E7A-AAB5-0AD266DFC7D4"}]}]}],"references":[{"url":"https://gitlab.com/gitlab-org/gitlab/-/issues/501528","source":"cve@gitlab.com","tags":["Broken Link"]}]}}]}