An issue has been discovered in GitLab EE affecting all versions starting from 15.3 before 16.5.6, all versions starting from 16.6 before 16.6.4, all versions starting from 16.7 before 16.7.2. The required CODEOWNERS approval could be bypassed by adding changes to a previously approved merge request.
Metrics
Affected Vendors & Products
References
History
Thu, 14 Nov 2024 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Thu, 03 Oct 2024 07:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-284 |
Thu, 03 Oct 2024 06:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Title | Improper Access Control in GitLab | Incorrect Authorization in GitLab |
Weaknesses | CWE-863 |
Thu, 29 Aug 2024 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:* |
MITRE
Status: PUBLISHED
Assigner: GitLab
Published: 2024-01-12T13:56:56.701Z
Updated: 2024-11-14T14:33:34.258Z
Reserved: 2023-09-06T19:01:03.223Z
Link: CVE-2023-4812
Vulnrichment
Updated: 2024-08-02T07:38:00.651Z
NVD
Status : Modified
Published: 2024-01-12T14:15:48.510
Modified: 2024-11-21T08:36:01.307
Link: CVE-2023-4812
Redhat
No data.