Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Thu, 30 Oct 2014 17:41:02 +0200
From: Valery Sizov <>
Subject: CVE request for GitLab groups API

I would like to request a CVE identifier for a vulnerability in the groups
API of GitLab.

Affected versions:
The groups API vulnerability affects GitLab 6.0 and up.

The vulnerability patched by this release allows a guest user to delete the
owner of a group and to assign any other member as owner through the groups

You can read more details here

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.