An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.7 before 15.11.10, all versions starting from 16.0 before 16.0.6, all versions starting from 16.1 before 16.1.1. This allowed a developer to remove the CODEOWNERS rules and merge to a protected branch.
Metrics
Affected Vendors & Products
References
History
Wed, 30 Oct 2024 20:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Thu, 03 Oct 2024 07:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-284 |
Thu, 03 Oct 2024 06:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Title | Improper Access Control in GitLab | Incorrect Authorization in GitLab |
Weaknesses | CWE-863 |
MITRE
Status: PUBLISHED
Assigner: GitLab
Published: 2023-07-13T02:08:59.291Z
Updated: 2024-10-30T19:24:40.514Z
Reserved: 2023-05-08T11:23:53.074Z
Link: CVE-2023-2576
Vulnrichment
Updated: 2024-08-02T06:26:09.897Z
NVD
Status : Modified
Published: 2023-07-13T03:15:09.317
Modified: 2024-11-21T07:58:51.890
Link: CVE-2023-2576
Redhat
No data.