Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-2576


An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.7 before 15.11.10, all versions starting from 16.0 before 16.0.6, all versions starting from 16.1 before 16.1.1. This allowed a developer to remove the CODEOWNERS rules and merge to a protected branch.


Published

2023-07-13T03:15:09.317

Last Modified

2024-11-21T07:58:51.890

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 4.3 (MEDIUM)

Weaknesses
  • Type: Secondary
    CWE-863
  • Type: Primary
    NVD-CWE-noinfo

Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application gitlab gitlab < 15.11.10 Yes
Application gitlab gitlab < 15.11.10 Yes
Application gitlab gitlab < 16.0.6 Yes
Application gitlab gitlab < 16.0.6 Yes
Application gitlab gitlab < 16.1.1 Yes
Application gitlab gitlab < 16.1.1 Yes

References