An authorization bypass vulnerability was discovered in GitLab affecting versions 15.1 prior to 16.7.6, 16.8 prior to 16.8.3, and 16.9 prior to 16.9.1. A developer could bypass CODEOWNERS approvals by creating a merge conflict.
Metrics
Affected Vendors & Products
References
History
Thu, 19 Sep 2024 02:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: GitLab
Published: 2024-02-21T23:30:59.792Z
Updated: 2024-09-18T04:09:10.181Z
Reserved: 2024-01-11T08:02:26.198Z
Link: CVE-2024-0410
Vulnrichment
Updated: 2024-08-01T18:04:49.660Z
NVD
Status : Analyzed
Published: 2024-02-22T00:15:51.723
Modified: 2024-03-04T20:25:41.347
Link: CVE-2024-0410
Redhat
No data.