Security Advisory

CVE-2023-2485

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-06-07 00:00:00

Last updated 2025-01-07 15:44:24

Assigner GitLab

State PUBLISHED

Description

An issue has been discovered in GitLab CE/EE affecting all versions starting from 14.1 before 15.10.8, all versions starting from 15.11 before 15.11.7, all versions starting from 16.0 before 16.0.2. A malicious maintainer in a project can escalate other users to Owners in that project if they import members from another project that those other users are Owners of.

← Browse all CVEs View on cve.org ↗