Lucene search
K

6 matches found

OSV
OSV
added 2023/12/17 11:15 p.m.4 views

UBUNTU-CVE-2023-3907

A privilege escalation vulnerability in GitLab EE affecting all versions from 16.0 prior to 16.4.4, 16.5 prior to 16.5.4, and 16.6 prior to 16.6.2 allows a project Maintainer to use a Project Access Token to escalate their role to Owner...

8.8CVSS5.8AI score0.00587EPSS
Exploits0References2
CVE
CVE
added 2023/12/17 11:2 p.m.62 views

CVE-2023-3907

CVE-2023-3907 describes a privilege escalation in GitLab Enterprise Edition where a project Maintainer can use a Project Access Token to elevate their role to Owner. Affected versions are GitLab EE 16.0 up to but not including 16.4.4, 16.5 up to but not including 16.5.4, and 16.6 up to but not in...

8.8CVSS6.7AI score0.00587EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2023/12/17 11:2 p.m.20 views

CVE-2023-3907 Improper User Management in GitLab

A privilege escalation vulnerability in GitLab EE affecting all versions from 16.0 prior to 16.4.4, 16.5 prior to 16.5.4, and 16.6 prior to 16.6.2 allows a project Maintainer to use a Project Access Token to escalate their role to Owner...

4.9CVSS8.7AI score0.00587EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2023/12/17 11:2 p.m.13 views

CVE-2023-3907 Improper User Management in GitLab

A privilege escalation vulnerability in GitLab EE affecting all versions from 16.0 prior to 16.4.4, 16.5 prior to 16.5.4, and 16.6 prior to 16.6.2 allows a project Maintainer to use a Project Access Token to escalate their role to Owner...

4.9CVSS6.8AI score0.00587EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/12/14 12:0 a.m.47 views

FreeBSD : Gitlab -- vulnerabilities (e2fb85ce-9a3c-11ee-af26-001b217b3468)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the e2fb85ce-9a3c-11ee-af26-001b217b3468 advisory. - Gitlab reports: Smartcard authentication allows impersonation of arbitrary user using user's...

8.8CVSS6.6AI score0.00733EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2023/12/14 12:0 a.m.25 views

GitLab 16.0 < 16.4.4 / 16.5 < 16.5.4 / 16.6 < 16.6.2 (CVE-2023-3907)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - A privilege escalation vulnerability in GitLab EE affecting all versions from 16.0 prior to 16.4.4, 16.5 prior to 16.5.4, and 16.6 prior to 16.6.2 allows a project Maintainer to use a Project Access...

8.8CVSS7.9AI score0.00587EPSS
Exploits0References4
Rows per page
Query Builder