A vulnerability was discovered in GitLab CE and EE affecting all versions starting 16.0 prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1. An authenticated attacker could perform arbitrary pipeline execution under the context of another user.
Metrics
Affected Vendors & Products
References
History
Thu, 19 Sep 2024 02:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Thu, 29 Aug 2024 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:* |
MITRE
Status: PUBLISHED
Assigner: GitLab
Published: 2023-09-30T08:30:30.788Z
Updated: 2024-09-18T04:07:45.195Z
Reserved: 2023-09-26T18:01:22.360Z
Link: CVE-2023-5207
Vulnrichment
Updated: 2024-08-02T07:52:07.762Z
NVD
Status : Analyzed
Published: 2023-09-30T09:15:14.933
Modified: 2023-10-04T01:55:31.953
Link: CVE-2023-5207
Redhat