An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.7 before 15.11.10, all versions starting from 16.0 before 16.0.6, all versions starting from 16.1 before 16.1.1. This allowed a developer to remove the CODEOWNERS rules and merge to a protected branch.
History

Wed, 30 Oct 2024 20:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Thu, 03 Oct 2024 07:45:00 +0000

Type Values Removed Values Added
Weaknesses CWE-284

Thu, 03 Oct 2024 06:30:00 +0000

Type Values Removed Values Added
Title Improper Access Control in GitLab Incorrect Authorization in GitLab
Weaknesses CWE-863

cve-icon MITRE

Status: PUBLISHED

Assigner: GitLab

Published: 2023-07-13T02:08:59.291Z

Updated: 2024-10-30T19:24:40.514Z

Reserved: 2023-05-08T11:23:53.074Z

Link: CVE-2023-2576

cve-icon Vulnrichment

Updated: 2024-08-02T06:26:09.897Z

cve-icon NVD

Status : Modified

Published: 2023-07-13T03:15:09.317

Modified: 2024-11-21T07:58:51.890

Link: CVE-2023-2576

cve-icon Redhat

No data.