An authorization vulnerability exists within GitLab from...
Moderate severity
Unreviewed
Published
May 23, 2024
to the GitHub Advisory Database
•
Updated Dec 13, 2024
Description
Published by the National Vulnerability Database
May 23, 2024
Published to the GitHub Advisory Database
May 23, 2024
Last updated
Dec 13, 2024
An authorization vulnerability exists within GitLab from versions 16.10 before 16.10.6, 16.11 before 16.11.3, and 17.0 before 17.0.1 where an authenticated attacker could utilize a crafted naming convention to bypass pipeline authorization logic.
References