Lucene search

K
debiancveDebian Security Bug TrackerDEBIANCVE:CVE-2023-6564
HistoryFeb 08, 2024 - 12:15 p.m.

CVE-2023-6564

2024-02-0812:15:55
Debian Security Bug Tracker
security-tracker.debian.org
13
gitlab
vulnerability
protected branches
subgroups
push
merge

6.6 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

15.5%

An issue has been discovered in GitLab EE Premium and Ultimate affecting versions 16.4.3, 16.5.3, and 16.6.1. In projects using subgroups to define who can push and/or merge to protected branches, there may have been instances in which subgroup members with the Developer role were able to push or merge to protected branches.

OSVersionArchitecturePackageVersionFilename
Debian999allgitlab< 16.8.4-1gitlab_16.8.4-1_all.deb

6.6 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

15.5%

Related for DEBIANCVE:CVE-2023-6564