Описание
GitLab has remediated an issue in GitLab EE affecting all versions from 17.11 before 18.7.5, 18.8 before 18.8.5, and 18.9 before 18.9.1 that, under certain conditions, could have allowed Developer-role users with insufficient privileges to make unauthorized modifications to protected Conan packages.
Ссылки
- Release NotesVendor Advisory
- Broken Link
- Permissions Required
Уязвимые конфигурации
Одно из
EPSS
4.3 Medium
CVSS3
Дефекты
Связанные уязвимости
GitLab has remediated an issue in GitLab EE affecting all versions from 17.11 before 18.7.5, 18.8 before 18.8.5, and 18.9 before 18.9.1 that, under certain conditions, could have allowed Developer-role users with insufficient privileges to make unauthorized modifications to protected Conan packages.
GitLab has remediated an issue in GitLab EE affecting all versions fro ...
GitLab has remediated an issue in GitLab EE affecting all versions from 17.11 before 18.7.5, 18.8 before 18.8.5, and 18.9 before 18.9.1 that, under certain conditions, could have allowed Developer-role users with insufficient privileges to make unauthorized modifications to protected Conan packages.
Уязвимость программной платформы на базе git для совместной работы над кодом GitLab Enterprise Edition (EE), связанная с обходом процедуры аутентификации посредством использования альтернативного пути или канала, позволяющая нарушителю обойти существующие механизмы безопасности
EPSS
4.3 Medium
CVSS3