An issue has been discovered in GitLab affecting all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1. Due to improper permission validation it was possible to create model experiments in public projects.
References
Link | Resource |
---|---|
https://gitlab.com/gitlab-org/gitlab/-/issues/420301 | Broken Link |
https://hackerone.com/reports/2083440 | Permissions Required |
Configurations
Configuration 1 (hide)
|
History
07 Sep 2023, 18:22
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://gitlab.com/gitlab-org/gitlab/-/issues/420301 - Broken Link | |
References | (MISC) https://hackerone.com/reports/2083440 - Permissions Required | |
First Time |
Gitlab gitlab
Gitlab |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.3 |
CPE | cpe:2.3:a:gitlab:gitlab:16.3.0:*:*:*:community:*:*:* cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:* cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:* cpe:2.3:a:gitlab:gitlab:16.3.0:*:*:*:enterprise:*:*:* |
|
CWE | NVD-CWE-Other |
01 Sep 2023, 11:47
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-09-01 11:15
Updated : 2023-12-10 15:14
NVD link : CVE-2023-4018
Mitre link : CVE-2023-4018
CVE.ORG link : CVE-2023-4018
JSON object : View
Products Affected
gitlab
- gitlab
CWE