BIT-GITLAB-2023-5198 Incorrect Authorization in GitLab

An issue has been discovered in GitLab affecting all versions prior to 16.2.7, all versions starting from 16.3 before 16.3.5, and all versions starting from 16.4 before 16.4.1. It was possible for a removed project member to write to protected branches using deploy keys...

CVE-2023-5198

Removed by vendor...

GitLab Enterprise Edition Security Vulnerability

GitLab Enterprise Edition EE is a content management system from GitLab, Inc. in the United States. A security vulnerability exists in GitLab Enterprise Edition that stems from improper authorization management. The following versions are affected: version 11.8 through versions prior to 16.2.8,...

PT-2023-16670 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 13.11 through 16.2.7 GitLab CE/EE versions 16.3 through 16.3.4 GitLab CE/EE versions 16.4 through 16.4.0 Description: An information disclosure issue in GitLab CE/EE allows an attacker to extract non-protected CI/CD...

PT-2023-31438 · Gitlab · Gitlab

Name of the Vulnerable Software and Affected Versions: GitLab versions 13.12 through 16.2.7 GitLab versions 16.3 through 16.3.4 Description: A critical vulnerability in GitLab allows attackers to run pipelines as other users, potentially granting access to internal repositories and closed project...