CVE-2023-4018

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2023-4018
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-4018.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2023-4018
Aliases
Related
Published
2023-09-01T11:15:43Z
Modified
2025-01-08T09:48:50.196612Z
Severity
  • 5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N CVSS Calculator
Summary
[none]
Details

An issue has been discovered in GitLab affecting all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1. Due to improper permission validation it was possible to create model experiments in public projects.

References

Affected packages

Git / gitlab.com/gitlab-org/gitlab

Affected ranges

Type
GIT
Repo
https://gitlab.com/gitlab-org/gitlab
Events
Introduced
3adc0fe6e7c163bedd7faa5f0c4d1e5fbb6bf3c5
Fixed
16c20745a286eb674f48366d84abe5f4dd5fb2c6

Affected versions

v16.*

v16.2.0-ee
v16.2.1-ee
v16.2.2-ee
v16.2.3-ee
v16.2.4-ee