An issue has been discovered in GitLab affecting all versions starting from 9.2 before 16.4.3, all versions starting from 16.5 before 16.5.3, all versions starting from 16.6 before 16.6.1. It was possible for a user with the Developer role to update a pipeline schedule from an unprotected branch to a protected branch.
Metrics
Affected Vendors & Products
References
History
Thu, 29 Aug 2024 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:* |
MITRE
Status: PUBLISHED
Assigner: GitLab
Published: 2023-12-01T07:02:03.130Z
Updated: 2024-09-18T04:06:45.208Z
Reserved: 2023-08-13T22:01:43.533Z
Link: CVE-2023-4317
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2023-12-01T07:15:10.197
Modified: 2023-12-06T19:21:43.160
Link: CVE-2023-4317
Redhat
No data.