Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2024-0410

Опубликовано: 22 фев. 2024
Источник: debian

Описание

An authorization bypass vulnerability was discovered in GitLab affecting versions 15.1 prior to 16.7.6, 16.8 prior to 16.8.3, and 16.9 prior to 16.9.1. A developer could bypass CODEOWNERS approvals by creating a merge conflict.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
gitlabfixed16.8.3-1package

Связанные уязвимости

ubuntu логотип

CVE-2024-0410

CVSS3: 7.7
ubuntu
почти 2 года назад

An authorization bypass vulnerability was discovered in GitLab affecting versions 15.1 prior to 16.7.6, 16.8 prior to 16.8.3, and 16.9 prior to 16.9.1. A developer could bypass CODEOWNERS approvals by creating a merge conflict.

nvd логотип

CVE-2024-0410

CVSS3: 7.7
nvd
почти 2 года назад

An authorization bypass vulnerability was discovered in GitLab affecting versions 15.1 prior to 16.7.6, 16.8 prior to 16.8.3, and 16.9 prior to 16.9.1. A developer could bypass CODEOWNERS approvals by creating a merge conflict.

github логотип

GHSA-27r2-6rqh-xrg8

CVSS3: 7.7
github
почти 2 года назад

An authorization bypass vulnerability was discovered in GitLab affecting versions 15.1 prior to 16.7.6, 16.8 prior to 16.8.3, and 16.9 prior to 16.9.1. A developer could bypass CODEOWNERS approvals by creating a merge conflict.

fstec логотип

BDU:2024-01635

CVSS3: 3
fstec
около 2 лет назад

Уязвимость программной платформы на базе git для совместной работы над кодом GitLab, связанная с недостатками разграничения доступа, позволяющая нарушителю обойти ограничения безопасности (CODE OWNERS)