{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-21T04:36:28.738","vulnerabilities":[{"cve":{"id":"CVE-2024-3958","sourceIdentifier":"cve@gitlab.com","published":"2024-08-08T11:15:12.967","lastModified":"2024-08-29T15:50:33.257","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"An issue has been discovered in GitLab CE/EE affecting all versions before 17.0.6, 17.1 prior to 17.1.4, and 17.2 prior to 17.2.2. An issue was found that allows someone  to abuse a discrepancy between the Web application display and the git command line interface to social engineer victims into cloning non-trusted code."},{"lang":"es","value":"Se descubrió un problema en GitLab CE/EE que afecta a todas las versiones anteriores a 17.0.6, 17.1 anterior a 17.1.4 y 17.2 anterior a 17.2.2. Se encontró un problema que permite a alguien abusar de una discrepancia entre la visualización de la aplicación web y la interfaz de línea de comando de git para realizar ingeniería social a las víctimas para clonar código no confiable."}],"metrics":{"cvssMetricV31":[{"source":"cve@gitlab.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}]},"weaknesses":[{"source":"cve@gitlab.com","type":"Secondary","description":[{"lang":"en","value":"CWE-94"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-94"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*","versionEndExcluding":"17.0.6","matchCriteriaId":"082D69B3-CFAD-4D5E-A48D-6AEA7F20FD5A"},{"vulnerable":true,"criteria":"cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*","versionEndExcluding":"17.0.6","matchCriteriaId":"146AD6E5-BA11-4A3D-9713-04659991D812"},{"vulnerable":true,"criteria":"cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*","versionStartIncluding":"17.1.0","versionEndExcluding":"17.1.4","matchCriteriaId":"6CA14692-9997-4A11-8B3D-29199A3498D4"},{"vulnerable":true,"criteria":"cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*","versionStartIncluding":"17.1.0","versionEndExcluding":"17.1.4","matchCriteriaId":"39754D78-BBE0-41D9-B2AB-5402B32C8ECF"},{"vulnerable":true,"criteria":"cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*","versionStartIncluding":"17.2.0","versionEndExcluding":"17.2.2","matchCriteriaId":"153C136B-FF14-43EC-AE67-68273DF7D9ED"},{"vulnerable":true,"criteria":"cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*","versionStartIncluding":"17.2.0","versionEndExcluding":"17.2.2","matchCriteriaId":"2BE7EFA9-D9B4-4E7E-81B2-597D3DC5756E"}]}]}],"references":[{"url":"https://gitlab.com/gitlab-org/gitlab/-/issues/456988","source":"cve@gitlab.com","tags":["Broken Link"]},{"url":"https://hackerone.com/reports/2437784","source":"cve@gitlab.com","tags":["Permissions Required"]}]}}]}