Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2024-1299

Опубликовано: 07 мар. 2024
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS3: 6.5

Описание

A privilege escalation vulnerability was discovered in GitLab affecting versions 16.8 prior to 16.8.4 and 16.9 prior to 16.9.2. It was possible for a user with custom role of manage_group_access_tokens to rotate group access tokens with owner privileges.

РелизСтатусПримечание
devel

DNE

esm-apps/xenial

ignored

not maintainable
esm-infra/focal

DNE

focal

DNE

jammy

DNE

mantic

DNE

noble

DNE

upstream

needs-triage

Показывать по

Ссылки на источники

EPSS

Процентиль: 4%
0.00021
Низкий

6.5 Medium

CVSS3

Связанные уязвимости

nvd логотип

CVE-2024-1299

CVSS3: 6.5
nvd
больше 1 года назад

A privilege escalation vulnerability was discovered in GitLab affecting versions 16.8 prior to 16.8.4 and 16.9 prior to 16.9.2. It was possible for a user with custom role of `manage_group_access_tokens` to rotate group access tokens with owner privileges.

debian логотип

CVE-2024-1299

CVSS3: 6.5
debian
больше 1 года назад

A privilege escalation vulnerability was discovered in GitLab affectin ...

github логотип

GHSA-27h4-9w4j-cp97

CVSS3: 6.5
github
больше 1 года назад

A privilege escalation vulnerability was discovered in GitLab affecting versions 16.8 prior to 16.8.4 and 16.9 prior to 16.9.2. It was possible for a user with custom role of `manage_group_access_tokens` to rotate group access tokens with owner privileges.

EPSS

Процентиль: 4%
0.00021
Низкий

6.5 Medium

CVSS3