An issue has been discovered in GitLab EE affecting all versions starting from 12.8 before 15.11.11, all versions starting from 16.0 before 16.0.7, all versions starting from 16.1 before 16.1.2. An attacker could change the name or path of a public top-level group in certain situations.
References
| Link | Resource |
|---|---|
| https://about.gitlab.com/releases/2023/07/05/security-release-gitlab-16-1-2-released/ | Vendor Advisory |
| https://gitlab.com/gitlab-org/gitlab/-/issues/416773 | Broken Link |
| https://hackerone.com/reports/2035687 | Permissions Required |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: GitLab
Published: 2023-07-21T13:01:03.770Z
Updated: 2023-07-21T13:01:03.770Z
Reserved: 2023-06-30T17:18:21.746Z
Link: CVE-2023-3484
NVD Information
Status: Analyzed
Published: 2023-07-21T14:15:10.010
Modified: 2023-07-31T17:03:19.533
Link: CVE-2023-3484
Redhat Information
No data.