Описание
An issue was discovered in GitLab CE/EE affecting all versions starting from 15.5 before 17.5.5, 17.6 before 17.6.3, and 17.7 before 17.7.1, in which unauthorized users could manipulate the status of issues in public projects.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-apps/xenial | ignored | |
| esm-infra/focal | DNE | |
| focal | DNE | |
| jammy | DNE | |
| noble | DNE | |
| oracular | DNE | |
| upstream | needs-triage |
Показывать по
Ссылки на источники
EPSS
4.3 Medium
CVSS3
Связанные уязвимости
An issue was discovered in GitLab CE/EE affecting all versions starting from 15.5 before 17.5.5, 17.6 before 17.6.3, and 17.7 before 17.7.1, in which unauthorized users could manipulate the status of issues in public projects.
An issue was discovered in GitLab CE/EE affecting all versions startin ...
An issue was discovered in GitLab CE/EE affecting all versions starting from 15.5 before 17.5.5, 17.6 before 17.6.3, and 17.7 before 17.7.1, in which unauthorized users could manipulate the status of issues in public projects.
Уязвимость программной платформы на базе git для совместной работы над кодом GitLab, связанная с отсутствием процедуры авторизации, позволяющая нарушителю изменять статус задач в общедоступных проектах
EPSS
4.3 Medium
CVSS3