
6 matches found

Tenable Nessus
added 2025/08/27 12:0 a.m. | 4 views

Linux Distros Unpatched Vulnerability : CVE-2024-0456

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An authorization vulnerability exists in GitLab versions 14.0 prior to 16.6.6, 16.7 prior to 16.7.4, and 16.8 prior to 16.8.1. An unauthorized attacker is able ...

4.3 CVSS | 5.3 AI score | 0.00488 EPSS
Exploits 0 | References 2
Tenable Nessus
added 2024/01/27 12:0 a.m. | 44 views

FreeBSD : Gitlab -- vulnerabilities (61fe903b-bc2e-11ee-b06e-001b217b3468)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 61fe903b-bc2e-11ee-b06e-001b217b3468 advisory. - An issue has been discovered in GitLab affecting all versions before 16.6.6, 16.7 prior to...

9.9 CVSS | 6.9 AI score | 0.04392 EPSS
Exploits 3 | References 7
CVE
added 2024/01/26 1:2 a.m. | 92 views

CVE-2024-0456

CVE-2024-0456 affects GitLab: 14.0 before 16.6.6; 16.7 before 16.7.4; and 16.8 before 16.8.1. Description: an authorization vulnerability allows an unauthorized attacker to assign arbitrary users to merge requests (MRs) that the attacker created within the project. Root cause and exact exploitati...

4.3 CVSS | 4.6 AI score | 0.00488 EPSS
Exploits 0 | References 2 | Affected Software 1
Debian CVE
added 2024/01/26 1:2 a.m. | 28 views

CVE-2024-0456

Removed by vendor...

4.3 CVSS | 5.8 AI score | 0.00488 EPSS
Exploits 0
OSV
added 2024/01/26 1:2 a.m. | 24 views

CVE-2024-0456 Direct Request ('Forced Browsing') in GitLab

An authorization vulnerability exists in GitLab versions 14.0 prior to 16.6.6, 16.7 prior to 16.7.4, and 16.8 prior to 16.8.1. An unauthorized attacker is able to assign arbitrary users to MRs that they created within the project...

4.3 CVSS | 4.7 AI score | 0.00488 EPSS
Exploits 0 | References 5
Tenable Nessus
added 2024/01/25 12:0 a.m. | 31 views

GitLab 14.0 < 16.6.6 / 16.7 < 16.7.4 / 16.8 < 16.8.1 (CVE-2024-0456)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An authorization vulnerability exists in GitLab versions 14.0 prior to 16.6.6, 16.7 prior to 16.7.4, and 16.8 prior to 16.8.1. An unauthorized attacker is able to assign arbitrary users to MRs that th...

4.3 CVSS | 5.4 AI score | 0.00488 EPSS
Exploits 0 | References 8