Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2023-2182: 2023/CVE-2023-2182.json · master · GitLab.org / cves · GitLab

An issue has been discovered in GitLab EE affecting all versions starting from 15.10 before 15.10.5, all versions starting from 15.11 before 15.11.1. Under certain conditions when OpenID Connect is enabled on an instance, it may allow users who are marked as ‘external’ to become ‘regular’ users thus leading to privilege escalation for those users.

CVE
#js#git#auth

Skip to content

GitLab

Next

    • GitLab: the DevOps platform
    • Explore GitLab
    • Install GitLab
    • How GitLab compares
    • Get started
    • GitLab docs
    • GitLab Learn
  • Pricing

  • Talk to an expert

  • /

  • Help

    • Help

    • Support

    • Community forum

    • Submit feedback

    • Contribute to GitLab

    Projects Groups Topics Snippets

  • Register

  • Sign in

The 16.0 major release is coming on May 22, 2023! This version brings many exciting improvements to GitLab, but also removes some deprecated features. These changes are going live on GitLab.com now, continuing up to May 22, 2023, when GitLab 16.0 is released. Visit the deprecations page to see what is scheduled for removal.

  • GitLab.org

  • cves

  • Repository

  • cves

  • 2023

  • CVE-2023-2182.json

Find file BlameHistoryPermalink

  • Publishing 0 updated advisories and 9 new advisories · 48000e9f

    🤖 GitLab Bot 🤖 authored May 03, 2023

    48000e9f

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda