CVE-2023-4812 | GitLab Enterprise Edition up to 16.5.5/16.6.3/16.7.1 Merge Request access control

Posted by Angelo Barbosa | Jan 12, 2024 | CVE

A vulnerability classified as critical has been found in GitLab Enterprise Edition up to 16.5.5/16.6.3/16.7.1. Affected is an unknown function of the component Merge Request Handler. The manipulation leads to improper access controls.

This vulnerability is traded as CVE-2023-4812. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2023-4812 | GitLab Enterprise Edition up to 16.5.5/16.6.3/16.7.1 Merge Request access control

Related Posts

CVE-2024-38909 | Studio 42 elFinder 2.1.64 access control

CVE-2024-6383 | MongoDB libbson up to 1.27.0 might heap-based overflow

CVE-2023-6683 | QEMU Built-In VNC Server qemu_clipboard_request null pointer dereference

CVE-2024-3565 | Content Blocks Plugin up to 3.3.0 on WordPress Shortcode content_block cross site scripting