A resource misdirection vulnerability in GitLab CE/EE versions 12.0 prior to 17.0.5, 17.1 prior to 17.1.3, and 17.2 prior to 17.2.1 allows an attacker to craft a repository import in such a way as to misdirect commits.
https://hackerone.com/reports/2299337
https://gitlab.com/gitlab-org/gitlab/-/issues/437103
Source: Mitre, NVD
Published: 2024-07-24
Updated: 2024-09-11
Base Score: 3.3
Vector: CVSS2#AV:N/AC:L/Au:M/C:N/I:P/A:N
Severity: Low
Base Score: 2.7
Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N