Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2023-3907

Опубликовано: 17 дек. 2023
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS3: 4.9

Описание

A privilege escalation vulnerability in GitLab EE affecting all versions from 16.0 prior to 16.4.4, 16.5 prior to 16.5.4, and 16.6 prior to 16.6.2 allows a project Maintainer to use a Project Access Token to escalate their role to Owner

РелизСтатусПримечание
bionic

ignored

end of standard support
devel

DNE

esm-apps/xenial

ignored

not maintainable
esm-infra/focal

DNE

focal

DNE

jammy

DNE

lunar

DNE

mantic

DNE

noble

DNE

trusty

ignored

end of standard support

Показывать по

Ссылки на источники

EPSS

Процентиль: 7%
0.00026
Низкий

4.9 Medium

CVSS3

Связанные уязвимости

nvd логотип

CVE-2023-3907

CVSS3: 4.9
nvd
около 2 лет назад

A privilege escalation vulnerability in GitLab EE affecting all versions from 16.0 prior to 16.4.4, 16.5 prior to 16.5.4, and 16.6 prior to 16.6.2 allows a project Maintainer to use a Project Access Token to escalate their role to Owner

debian логотип

CVE-2023-3907

CVSS3: 4.9
debian
около 2 лет назад

A privilege escalation vulnerability in GitLab EE affecting all versio ...

github логотип

GHSA-hmrg-q92x-qw2x

CVSS3: 4.9
github
около 2 лет назад

A privilege escalation vulnerability in GitLab EE affecting all versions from 16.0 prior to 16.4.4, 16.5 prior to 16.5.4, and 16.6 prior to 16.6.2 allows a project Maintainer to use a Project Access Token to escalate their role to Owner

EPSS

Процентиль: 7%
0.00026
Низкий

4.9 Medium

CVSS3