Описание
A vulnerability was discovered in GitLab CE and EE affecting all versions starting 16.0 prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1. An authenticated attacker could perform arbitrary pipeline execution under the context of another user.
Ссылки
- Broken Link
- Broken Link
- Permissions Required
- Broken Link
- Broken Link
- Permissions Required
Уязвимые конфигурации
Одно из
EPSS
8.2 High
CVSS3
8.8 High
CVSS3
Дефекты
Связанные уязвимости
A vulnerability was discovered in GitLab CE and EE affecting all versions starting 16.0 prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1. An authenticated attacker could perform arbitrary pipeline execution under the context of another user.
A vulnerability was discovered in GitLab CE and EE affecting all versions starting 16.0 prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1. An authenticated attacker could perform arbitrary pipeline execution under the context of another user.
A vulnerability was discovered in GitLab CE and EE affecting all versi ...
A vulnerability was discovered in GitLab CE and EE affecting all versions starting 16.0 prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1. An authenticated attacker could perform arbitrary pipeline execution under the context of another user.
Уязвимость программной платформы на базе git для совместной работы над кодом GitLab, связанная с недостатками контроля доступа, позволяющая нарушителю выполнить произвольный код
EPSS
8.2 High
CVSS3
8.8 High
CVSS3