Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-hmrg-q92x-qw2x

Опубликовано: 18 дек. 2023
Источник: github
Github: Не прошло ревью
CVSS3: 4.9

Описание

A privilege escalation vulnerability in GitLab EE affecting all versions from 16.0 prior to 16.4.4, 16.5 prior to 16.5.4, and 16.6 prior to 16.6.2 allows a project Maintainer to use a Project Access Token to escalate their role to Owner

A privilege escalation vulnerability in GitLab EE affecting all versions from 16.0 prior to 16.4.4, 16.5 prior to 16.5.4, and 16.6 prior to 16.6.2 allows a project Maintainer to use a Project Access Token to escalate their role to Owner

Ссылки

EPSS

Процентиль: 7%
0.00026
Низкий

4.9 Medium

CVSS3

CVE ID

CVE-2023-3907

Дефекты

CWE-269
CWE-286

Связанные уязвимости

ubuntu логотип

CVE-2023-3907

CVSS3: 4.9
ubuntu
около 2 лет назад

A privilege escalation vulnerability in GitLab EE affecting all versions from 16.0 prior to 16.4.4, 16.5 prior to 16.5.4, and 16.6 prior to 16.6.2 allows a project Maintainer to use a Project Access Token to escalate their role to Owner

nvd логотип

CVE-2023-3907

CVSS3: 4.9
nvd
около 2 лет назад

A privilege escalation vulnerability in GitLab EE affecting all versions from 16.0 prior to 16.4.4, 16.5 prior to 16.5.4, and 16.6 prior to 16.6.2 allows a project Maintainer to use a Project Access Token to escalate their role to Owner

debian логотип

CVE-2023-3907

CVSS3: 4.9
debian
около 2 лет назад

A privilege escalation vulnerability in GitLab EE affecting all versio ...

EPSS

Процентиль: 7%
0.00026
Низкий

4.9 Medium

CVSS3

CVE ID

CVE-2023-3907

Дефекты

CWE-269
CWE-286