Vulnerability Database

289,784

Total vulnerabilities in the database

CVE-2023-1084

An issue has been discovered in GitLab CE/EE affecting all versions before 15.7.8, all versions starting from 15.8 before 15.8.4, all versions starting from 15.9 before 15.9.2. A malicious project Maintainer may create a Project Access Token with Owner level privileges using a crafted request.

  • Published: Mar 9, 2023
  • Updated: Apr 14, 2023
  • CVE: CVE-2023-1084
  • Severity: Low
  • Exploit:

CVSS v3:

  • Severity: Low
  • Score: 2.7
  • AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N

No CWE or OWASP classifications available.

Software From Fixed in
gitlab / gitlab 15.9.0 15.9.2
gitlab / gitlab 15.8.0 15.8.4
gitlab / gitlab - 15.7.8