An issue has been discovered in GitLab EE affecting all versions starting from 16.2 before 16.4.3, all versions starting from 16.5 before 16.5.3, all versions starting from 16.6 before 16.6.1. It was possible for an attacker to abuse the policy bot to gain access to internal projects.
Metrics
Affected Vendors & Products
References
History
Thu, 29 Aug 2024 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:* |
MITRE
Status: PUBLISHED
Assigner: GitLab
Published: 2023-12-01T07:01:28.253Z
Updated: 2024-09-18T04:08:20.187Z
Reserved: 2023-11-07T17:30:43.042Z
Link: CVE-2023-5995
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2023-12-01T07:15:13.033
Modified: 2023-12-06T18:52:42.327
Link: CVE-2023-5995
Redhat
No data.