6 matches found
Linux Distros Unpatched Vulnerability : CVE-2024-0456
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - An authorization vulnerability exists in GitLab versions 14.0 prior to 16.6.6, 16.7 prior to 16.7.4, and 16.8 prior to 16.8.1. An unauthorized attacker is able ...
FreeBSD : Gitlab -- vulnerabilities (61fe903b-bc2e-11ee-b06e-001b217b3468)
The version of FreeBSD installed on the remote host is prior to the tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 61fe903b-bc2e-11ee-b06e-001b217b3468 advisory. - An issue has been discovered in GitLab affecting all versions before 16.6.6, 16.7 prior to...
CVE-2024-0456
CVE-2024-0456 affects GitLab: 14.0 before 16.6.6; 16.7 before 16.7.4; and 16.8 before 16.8.1. Description: an authorization vulnerability allows an unauthorized attacker to assign arbitrary users to merge requests (MRs) that the attacker created within the project. Root cause and exact exploitati...
CVE-2024-0456
Removed by vendor...
CVE-2024-0456 Direct Request ('Forced Browsing') in GitLab
An authorization vulnerability exists in GitLab versions 14.0 prior to 16.6.6, 16.7 prior to 16.7.4, and 16.8 prior to 16.8.1. An unauthorized attacker is able to assign arbitrary users to MRs that they created within the project...
GitLab 14.0 < 16.6.6 / 16.7 < 16.7.4 / 16.8 < 16.8.1 (CVE-2024-0456)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An authorization vulnerability exists in GitLab versions 14.0 prior to 16.6.6, 16.7 prior to 16.7.4, and 16.8 prior to 16.8.1. An unauthorized attacker is able to assign arbitrary users to MRs that th...