Описание
GitLab has remediated an issue in GitLab EE affecting all versions from 18.1 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1 that under certain conditions could have allowed an authenticated user to gain unauthorized access to resources due to improper caching of authorization decisions.
Ссылки
- Vendor AdvisoryRelease Notes
- Broken Link
Уязвимые конфигурации
Конфигурация 1Версия от 18.1.0 (включая) до 18.8.7 (исключая)Версия от 18.9.0 (включая) до 18.9.3 (исключая)
Одно из
cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*
cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*
cpe:2.3:a:gitlab:gitlab:18.10.0:*:*:*:enterprise:*:*:*
EPSS
Процентиль: 3%
0.00014
Низкий
3.7 Low
CVSS3
Дефекты
CWE-863
Связанные уязвимости
CVSS3: 3.7
debian
6 дней назад
GitLab has remediated an issue in GitLab EE affecting all versions fro ...
CVSS3: 3.7
github
6 дней назад
GitLab has remediated an issue in GitLab EE affecting all versions from 18.1 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1 that under certain conditions could have allowed an authenticated user to gain unauthorized access to resources due to improper caching of authorization decisions.
EPSS
Процентиль: 3%
0.00014
Низкий
3.7 Low
CVSS3
Дефекты
CWE-863