VDB

ANCHORE-2023-5933

ANCHORE-2023-5933 PUBLISHED

An issue has been discovered in GitLab CE/EE affecting all versions after 13.7 before 16.6.6, 16.7 prior to 16.7.4, and 16.8 prior to 16.8.1. Improper input sanitization of user name allows arbitrary API PUT requests.

Affected Products

VendorProductVersions
GitLabGitLab16.8, 13.7, 16.7
GitLabGitLab Enterprise13.7, 16.7, 13.7

Timeline

  • Jan 25, 2024 CVE Published
Open in Interactive Console →
$ Console Community · 100/wk Open console ›