An issue has been discovered in GitLab affecting all versions starting from 10.6 before 16.2.8, all versions starting from 16.3 before 16.3.5, all versions starting from 16.4 before 16.4.1. It was possible that upstream members to collaborate with you on your branch get permission to write to the merge request’s source branch.
Metrics
Affected Vendors & Products
References
History
Thu, 03 Oct 2024 07:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-200 |
Thu, 03 Oct 2024 06:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Title | Exposure of Sensitive Information to an Unauthorized Actor in GitLab | Incorrect Authorization in GitLab |
Weaknesses | CWE-863 |
Thu, 19 Sep 2024 02:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Thu, 29 Aug 2024 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:* |
MITRE
Status: PUBLISHED
Assigner: GitLab
Published: 2023-09-29T06:02:06.310Z
Updated: 2024-10-03T06:23:13.555Z
Reserved: 2023-07-27T18:01:01.568Z
Link: CVE-2023-3979
Vulnrichment
Updated: 2024-08-02T07:08:50.787Z
NVD
Status : Modified
Published: 2023-09-29T07:15:13.910
Modified: 2024-11-21T08:18:27.790
Link: CVE-2023-3979
Redhat
No data.