First published: Wed Feb 21 2024
An authorization bypass vulnerability was discovered in GitLab affecting versions 15.1 prior to 16.7.6, 16.8 prior to 16.8.3, and 16.9 prior to 16.9.1. A developer could bypass CODEOWNERS approvals by creating a merge conflict.
Credit: cve@gitlab.com
Affected Software | Affected Version | How to fix |
---|---|---|
Gitlab Gitlab | >=15.1.0 <16.7.6 | |
Gitlab Gitlab | >=16.8.0 <16.8.3 | |
Gitlab Gitlab | =16.9.0 | |
Upgrade to versions 16.9.1, 16.8.3, 16.7.6 or above.
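
To check an inventory of instances against the affected ranges listed above, the following is an added example (not part of the advisory or of GitLab's own tooling). The host names and version strings in the sample inventory are constructed, and the function names are hypothetical.

```python
import re

# Affected ranges from the advisory: (first affected version, first fixed version).
AFFECTED_RANGES = [
    ((15, 1, 0), (16, 7, 6)),
    ((16, 8, 0), (16, 8, 3)),
    ((16, 9, 0), (16, 9, 1)),
]


def parse_version(text):
    """Return (major, minor, patch) from strings such as '16.8.2-ee' or 'v16.9'.

    Edition or build suffixes ('-ee', '-ce.0', '-pre') are ignored, so a
    pre-release build is treated like the release it is based on.
    """
    m = re.match(r"\s*v?(\d+)\.(\d+)(?:\.(\d+))?", text)
    if not m:
        raise ValueError(f"unrecognised GitLab version: {text!r}")
    return tuple(int(g or 0) for g in m.groups())


def fixed_version_for(text):
    """Return the minimum fixed version for an affected instance, else None."""
    version = parse_version(text)
    for first_affected, first_fixed in AFFECTED_RANGES:
        if first_affected <= version < first_fixed:
            return ".".join(str(part) for part in first_fixed)
    return None


if __name__ == "__main__":
    # Constructed sample inventory: host name -> reported GitLab version.
    inventory = {
        "gitlab-prod.example.internal": "16.8.2-ee",
        "gitlab-stage.example.internal": "16.9.1-ee",
        "gitlab-legacy.example.internal": "15.11.13-ce.0",
        "gitlab-old.example.internal": "15.0.5",
    }
    for host, reported in inventory.items():
        target = fixed_version_for(reported)
        if target:
            print(f"{host}: {reported} AFFECTED, upgrade to {target} or above")
        else:
            print(f"{host}: {reported} not in an affected range")
```
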