CVE-2023-3907 | GitLab Enterprise Edition prior 16.4.4/16.5.4/16.6.2 Project Access Token privileges management (Issue 418878)

Posted by Angelo Barbosa | Dec 18, 2023 | CVE

A vulnerability classified as problematic has been found in GitLab Enterprise Edition. This affects an unknown part of the component Project Access Token Handler. The manipulation leads to improper privilege management.

This vulnerability is uniquely identified as CVE-2023-3907. It is possible to initiate the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2023-3907 | GitLab Enterprise Edition prior 16.4.4/16.5.4/16.6.2 Project Access Token privileges management (Issue 418878)

Related Posts

CVE-2024-5808 | WP Ajax Contact Form Plugin up to 2.2.2 on WordPress cross-site request forgery

CVE-2024-40494 | Keith Cullen FreeCoAP Packet coap_msg.c stack-based overflow

CVE-2024-45299 | alfio-event alf.io up to 2.0-M4 Content Security Policy escape output (GHSA-mcx6-25f8-8rqw)

CVE-2024-42338 | CyberArk Identity Management information disclosure