An issue was discovered in GitLab CE/EE affecting all versions starting from 8.16 prior to 17.2.9, starting from 17.3 prior to 17.3.5, and starting from 17.4 prior to 17.4.2, which allows deploy keys to push to an archived repository.
References
Link | Resource |
---|---|
https://gitlab.com/gitlab-org/gitlab/-/issues/459995 | Broken Link |
Configurations
Configuration 1 (hide)
|
History
16 Oct 2024, 16:59
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.5 |
CPE | cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:* cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:* |
|
First Time |
Gitlab
Gitlab gitlab |
|
References | () https://gitlab.com/gitlab-org/gitlab/-/issues/459995 - Broken Link | |
Summary |
|
10 Oct 2024, 10:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-10-10 10:15
Updated : 2024-10-16 16:59
NVD link : CVE-2024-9623
Mitre link : CVE-2024-9623
CVE.ORG link : CVE-2024-9623
JSON object : View
Products Affected
gitlab
- gitlab
CWE
CWE-863
Incorrect Authorization