Lucene search
K

4 matches found

OSV
OSV
added 2026/05/18 6:10 a.m.7 views

BIT-GITLAB-2026-2900 Missing Authorization in GitLab

GitLab has remediated an issue in GitLab EE affecting all versions from 16.10 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that when instance-level approval rule editing prevention was enabled, could have allowed an authenticated user with Maintainer permissions to modify or dele...

2.7CVSS5.8AI score0.00219EPSS
Exploits0References4
OSV
OSV
added 2026/05/14 6:16 a.m.5 views

UBUNTU-CVE-2026-2900

GitLab has remediated an issue in GitLab EE affecting all versions from 16.10 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that when instance-level approval rule editing prevention was enabled, could have allowed an authenticated user with Maintainer permissions to modify or dele...

2.7CVSS5.8AI score0.00219EPSS
Exploits0References5
CVE
CVE
added 2026/05/14 5:36 a.m.27 views

CVE-2026-2900

GitLab EE patched a vulnerability where, if instance-level approval rule editing prevention was enabled, an authenticated Maintainer could modify or delete project approval rules due to missing authorization checks. Affected are GitLab EE versions: 16.10 before 18.9.7, 18.10 before 18.10.6, and 1...

2.7CVSS5.8AI score0.00219EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2021/03/03 4:15 a.m.25 views

Improper access control

An improper access control vulnerability was identified in the GitHub Enterprise Server GraphQL API that allowed authenticated users of the instance to modify the maintainer collaboration permission of a pull request without proper authorization. By exploiting this vulnerability, an attacker woul...

5.5CVSS7.9AI score0.00968EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder