7 matches found
BIT-GITLAB-2023-5226 Improper Control of Generation of Code ('Code Injection') in GitLab
An issue has been discovered in GitLab affecting all versions before 16.4.3, all versions starting from 16.5 before 16.5.3, all versions starting from 16.6 before 16.6.1. Under certain circumstances, a malicious actor bypass prohibited branch checks using a specially crafted branch name to...
GitLab 0 < 16.4.3 / 16.5 < 16.5.3 / 16.6 < 16.6.1 (CVE-2023-5226)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab affecting all versions before 16.4.3, all versions starting from 16.5 before 16.5.3, all versions starting from 16.6 before 16.6.1. Under certain circumstances, ...
CVE-2023-5226
An issue has been discovered in GitLab affecting all versions before 16.4.3, all versions starting from 16.5 before 16.5.3, all versions starting from 16.6 before 16.6.1. Under certain circumstances, a malicious actor bypass prohibited branch checks using a specially crafted branch name to...
CVE-2023-5226 Improper Control of Generation of Code ('Code Injection') in GitLab
An issue has been discovered in GitLab affecting all versions before 16.4.3, all versions starting from 16.5 before 16.5.3, all versions starting from 16.6 before 16.6.1. Under certain circumstances, a malicious actor bypass prohibited branch checks using a specially crafted branch name to...
CVE-2023-5226
Removed by vendor...
CVE-2023-5226 Improper Control of Generation of Code ('Code Injection') in GitLab
An issue has been discovered in GitLab affecting all versions before 16.4.3, all versions starting from 16.5 before 16.5.3, all versions starting from 16.6 before 16.6.1. Under certain circumstances, a malicious actor bypass prohibited branch checks using a specially crafted branch name to...
CVE-2023-5226
CVE-2023-5226 affects GitLab versions before 16.4.3, 16.5 before 16.5.3, and 16.6 before 16.6.1. Under certain conditions, a malicious actor can bypass prohibitive branch checks by using a specially crafted branch name to manipulate repository content in the UI. The connected sources indicate thi...