An authorization vulnerability exists in GitLab versions 14.0 prior to 16.6.6, 16.7 prior to 16.7.4, and 16.8 prior to 16.8.1. An unauthorized attacker is able to assign arbitrary users to MRs that they created within the project
Metrics
Affected Vendors & Products
References
History
Thu, 29 Aug 2024 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | An authorization vulnerability exists in GitLab versions 14.0 prior to 16.6.6, 16.7 prior to 16.7.4, and 16.8 prior to 16.8.1. An unauthorized attacker is able to assign arbitrary users to MRs that they created within the project | An authorization vulnerability exists in GitLab versions 14.0 prior to 16.6.6, 16.7 prior to 16.7.4, and 16.8 prior to 16.8.1. An unauthorized attacker is able to assign arbitrary users to MRs that they created within the project |
CPEs | cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:* |
MITRE
Status: PUBLISHED
Assigner: GitLab
Published: 2024-01-26T01:02:43.953Z
Updated: 2024-08-29T15:04:54.550Z
Reserved: 2024-01-12T08:02:33.279Z
Link: CVE-2024-0456
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2024-01-26T01:15:09.110
Modified: 2024-01-31T20:12:00.077
Link: CVE-2024-0456
Redhat
No data.