Vulnerability Database

290,206

Total vulnerabilities in the database

CVE-2024-0199

An authorization bypass vulnerability was discovered in GitLab affecting versions 11.3 prior to 16.7.7, 16.7.6 prior to 16.8.4, and 16.8.3 prior to 16.9.2. An attacker could bypass CODEOWNERS by utilizing a crafted payload in an old feature branch to perform malicious actions.

  • Published: Mar 7, 2024
  • Updated: May 4, 2025
  • CVE: CVE-2024-0199
  • Severity: High
  • Exploit:

CVSS v3:

  • Severity: High
  • Score: 8
  • AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

CWEs:

Software From Fixed in
gitlab / gitlab 16.9.0 16.9.2
gitlab / gitlab 16.8.0 16.8.4
gitlab / gitlab 11.3 16.7.7