← volver
CVE-2023-5061

Missing Authorization in GitLab

CVSS 4.3 MEDIUMEPSS 0.4%CWE-862
An issue has been discovered in GitLab affecting all versions starting from 9.3 before 16.4.4, all versions starting from 16.5 before 16.5.4, all versions starting from 16.6 before 16.6.2. In certain situations, it may have been possible for developers to override predefined CI variables via the REST API.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Productos afectados
GitLab · GitLab

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://gitlab.com/gitlab-org/gitlab/-/issues/425521https://hackerone.com/reports/2125189