CVE-2023-3441
MEDIUMDescription
An issue has been discovered in GitLab EE/CE affecting all versions starting from 8.0 before 16.4. The product did not sufficiently warn about security implications of granting merge rights to protected branches.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| gitlab | gitlab |
| gitlab | gitlab |
References
Frequently Asked Questions
What is CVE-2023-3441? +
How severe is CVE-2023-3441? +
What products are affected by CVE-2023-3441? +
How do I check if I'm vulnerable to CVE-2023-3441? +
Related Vulnerabilities
Exposure of Sensitive Information Due to Incompatible Policies vulnerability in Mia Technology Inc. MİA-MED allows Collect Data as Provided by …
Apache Airflow 3 introduced a change to the handling of sensitive information in Connections. The intent was to restrict access …
Exposure of Sensitive Information vulnerability in Naukowa i Akademicka Sieć Komputerowa - Państwowy Instytut Badawczy EZD RP allows logged-in user …
IBM Concert 1.0.0, 1.0.1, and 1.0.2 is vulnerable to sensitive information disclosure through specially crafted API Calls.
The Dario Health Internet-based server infrastructure is vulnerable due to exposure of development environment details, which could lead to unsafe …
Under certain conditions Statutory Reports in SAP S/4 HANA allows an attacker with basic privileges to access information which would …