An issue has been discovered in GitLab CE/EE affecting all versions after 13.7 before 16.6.6, 16.7 prior to 16.7.4, and 16.8 prior to 16.8.1. Improper input sanitization of user name allows arbitrary API PUT requests.
Metrics
Affected Vendors & Products
References
History
Thu, 29 Aug 2024 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:* |
MITRE
Status: PUBLISHED
Assigner: GitLab
Published: 2024-01-26T01:02:58.931Z
Updated: 2024-09-18T04:08:15.195Z
Reserved: 2023-11-02T15:01:52.148Z
Link: CVE-2023-5933
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2024-01-26T01:15:08.660
Modified: 2024-01-31T20:31:37.367
Link: CVE-2023-5933
Redhat
No data.