An issue has been discovered in GitLab CE/EE affecting all versions after 13.7 before 16.6.6, 16.7 prior to 16.7.4, and 16.8 prior to 16.8.1. Improper input sanitization of user name allows arbitrary API PUT requests.
History

Thu, 29 Aug 2024 15:15:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*

cve-icon MITRE

Status: PUBLISHED

Assigner: GitLab

Published: 2024-01-26T01:02:58.931Z

Updated: 2024-09-18T04:08:15.195Z

Reserved: 2023-11-02T15:01:52.148Z

Link: CVE-2023-5933

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2024-01-26T01:15:08.660

Modified: 2024-01-31T20:31:37.367

Link: CVE-2023-5933

cve-icon Redhat

No data.