An issue has been discovered in GitLab EE Premium and Ultimate affecting versions 16.4.3, 16.5.3, and 16.6.1. In projects using subgroups to define who can push and/or merge to protected branches, there may have been instances in which subgroup members with the Developer role were able to push or merge to protected branches.
Metrics
Affected Vendors & Products
References
History
Thu, 29 Aug 2024 20:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Thu, 29 Aug 2024 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:* |
MITRE
Status: PUBLISHED
Assigner: GitLab
Published: 2024-02-08T11:30:52.438Z
Updated: 2024-08-29T15:04:52.878Z
Reserved: 2023-12-06T20:01:35.486Z
Link: CVE-2023-6564
Vulnrichment
Updated: 2024-08-02T08:35:14.927Z
NVD
Status : Analyzed
Published: 2024-02-08T12:15:55.767
Modified: 2024-03-04T20:56:09.493
Link: CVE-2023-6564
Redhat
No data.