Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2023-2182

Опубликовано: 03 мая 2023
Источник: debian
EPSS Низкий

Описание

An issue has been discovered in GitLab EE affecting all versions starting from 15.10 before 15.10.5, all versions starting from 15.11 before 15.11.1. Under certain conditions when OpenID Connect is enabled on an instance, it may allow users who are marked as 'external' to become 'regular' users thus leading to privilege escalation for those users.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
gitlabnot-affectedpackage

EPSS

Процентиль: 60%
0.00401
Низкий

Связанные уязвимости

nvd логотип

CVE-2023-2182

CVSS3: 6.8
nvd
почти 3 года назад

An issue has been discovered in GitLab EE affecting all versions starting from 15.10 before 15.10.5, all versions starting from 15.11 before 15.11.1. Under certain conditions when OpenID Connect is enabled on an instance, it may allow users who are marked as 'external' to become 'regular' users thus leading to privilege escalation for those users.

github логотип

GHSA-j24v-67h6-cx49

CVSS3: 6.8
github
почти 3 года назад

An issue has been discovered in GitLab EE affecting all versions starting from 15.10 before 15.10.5, all versions starting from 15.11 before 15.11.1. Under certain conditions when OpenID Connect is enabled on an instance, it may allow users who are marked as 'external' to become 'regular' users thus leading to privilege escalation for those users.

EPSS

Процентиль: 60%
0.00401
Низкий