CVE-2023-3484

Summary

An issue has been discovered in GitLab EE affecting all versions starting from 12.8 before 15.11.11, all versions starting from 16.0 before 16.0.7, all versions starting from 16.1 before 16.1.2. An attacker could change the name or path of a public top-level group in certain situations.

Affected Software

VendorProductVersion RangeStatus
GitLabGitLab12.8 < 15.11.11affected
GitLabGitLab16.0 < 16.0.7affected
GitLabGitLab16.1 < 16.1.2affected

Weaknesses

  • CWE-863: CWE-863: Incorrect Authorization

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

CVE Program Container

Additional References

References