{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-07T22:44:09.869","vulnerabilities":[{"cve":{"id":"CVE-2024-4283","sourceIdentifier":"cve@gitlab.com","published":"2024-09-16T22:15:20.650","lastModified":"2024-09-24T16:51:23.193","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"An issue has been discovered in GitLab EE affecting all versions starting from 11.1 before 17.1.7, 17.2 before 17.2.5, and 17.3 before 17.3.2. Under certain conditions an open redirect vulnerability could allow for an account takeover by breaking the OAuth flow."},{"lang":"es","value":"Se ha descubierto un problema en GitLab EE que afecta a todas las versiones a partir de la 11.1 anterior a la 17.1.7, la 17.2 anterior a la 17.2.5 y la 17.3 anterior a la 17.3.2. En determinadas condiciones, una vulnerabilidad de redirección abierta podría permitir la apropiación de una cuenta interrumpiendo el flujo de OAuth."}],"metrics":{"cvssMetricV31":[{"source":"cve@gitlab.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N","baseScore":6.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":1.2,"impactScore":5.2},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}]},"weaknesses":[{"source":"cve@gitlab.com","type":"Secondary","description":[{"lang":"en","value":"CWE-601"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-601"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*","versionStartIncluding":"11.1.0","versionEndExcluding":"17.1.7","matchCriteriaId":"8D6519A2-EF66-4695-8CF6-420A17212C8D"},{"vulnerable":true,"criteria":"cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*","versionStartIncluding":"17.2.0","versionEndExcluding":"17.2.5","matchCriteriaId":"1F428DA1-FB1C-4B14-A1E1-65177E7F4B10"},{"vulnerable":true,"criteria":"cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*","versionStartIncluding":"17.3.0","versionEndExcluding":"17.3.2","matchCriteriaId":"145E52CC-F503-446E-A760-1C01753DA938"}]}]}],"references":[{"url":"https://gitlab.com/gitlab-org/gitlab/-/issues/458502","source":"cve@gitlab.com","tags":["Broken Link"]},{"url":"https://hackerone.com/reports/2474286","source":"cve@gitlab.com","tags":["Permissions Required"]}]}}]}