2 matches found
CVE-2026-14340
GitHub Enterprise Server (GitHub ES) suffers an incorrect authorization vulnerability (CVE-2026-14340) where a user-to-server token scoped to a GitHub App installation could perform write operations on public repositories outside the token’s scope. The root cause is an authorization check that on...
PT-2024-9295 · Gitlab · Gitlab Ce/Ee +1
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 16.9.8 through 17.4.5 GitLab CE/EE versions 17.5 through 17.5.3 GitLab CE/EE versions 17.6 through 17.6.1 Description: The issue is related to the incorrect handling of token scopes in GitLab CE/EE, which could allow...