Date: Thu, 30 Oct 2014 17:41:02 +0200 From: Valery Sizov <valery@...lab.com> To: oss-security@...ts.openwall.com Subject: CVE request for GitLab groups API Hello, I would like to request a CVE identifier for a vulnerability in the groups API of GitLab. Affected versions: The groups API vulnerability affects GitLab 6.0 and up. Impact: The vulnerability patched by this release allows a guest user to delete the owner of a group and to assign any other member as owner through the groups API. You can read more details here https://about.gitlab.com/2014/10/30/gitlab-7-4-3-released/
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ