CVE-2024-5258 Information

Description

An authorization vulnerability exists within GitLab from versions 16.10 before 16.10.6 16.11 before 16.11.3 and 17.0 before 17.0.1 where an authenticated attacker could utilize a crafted naming convention to bypass pipeline authorization logic.

Reference

https://gitlab.com/gitlab-org/gitlab/-/issues/443254