An issue has been discovered in GitLab affecting all versions starting from 16.2 before 16.2.8, all versions starting from 16.3 before 16.3.5, all versions starting from 16.4 before 16.4.1. Users were capable of linking CI/CD jobs of private projects which they are not a member of.
Metrics
Affected Vendors & Products
References
History
Wed, 18 Sep 2024 08:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:2.3:a:gitlab:gitlab:16.2:*:*:*:*:*:*:* cpe:2.3:a:gitlab:gitlab:16.3:*:*:*:*:*:*:* cpe:2.3:a:gitlab:gitlab:16.4:*:*:*:*:*:*:* |
|
Metrics |
ssvc
|
Thu, 29 Aug 2024 20:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:2.3:a:gitlab:gitlab:16.3:*:*:*:*:*:*:* cpe:2.3:a:gitlab:gitlab:16.4:*:*:*:*:*:*:* |
|
Metrics |
ssvc
|
Thu, 29 Aug 2024 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:* |
MITRE
Status: PUBLISHED
Assigner: GitLab
Published: 2023-09-29T06:02:01.299Z
Updated: 2024-09-18T04:07:00.209Z
Reserved: 2023-08-25T07:01:10.482Z
Link: CVE-2023-4532
Vulnrichment
Updated: 2024-08-02T07:31:06.033Z
NVD
Status : Analyzed
Published: 2023-09-29T07:15:14.200
Modified: 2023-10-03T19:28:34.357
Link: CVE-2023-4532
Redhat
No data.