Medium severity6.5NVD Advisory· Published Jan 5, 2018· Updated Jun 17, 2026
CVE-2014-8540
CVE-2014-8540
Description
The groups API in GitLab 6.x and 7.x before 7.4.3 allows remote authenticated guest users to modify ownership of arbitrary groups by leveraging improper permission checks.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: >=6.0,<7.4.3
- Range: <7.4.3
Patches
Vulnerability mechanics
References
5- about.gitlab.com/2014/10/30/gitlab-7-4-3-released/nvdPatchVendor Advisory
- gitlab.com/gitlab-org/gitlab-ce/commit/a2dfff418bf2532ebb5aee88414107929b17eefdnvdPatch
- www.openwall.com/lists/oss-security/2014/10/31/2nvdMailing ListThird Party Advisory
- www.securityfocus.com/bid/70841nvdThird Party AdvisoryVDB Entry
- exchange.xforce.ibmcloud.com/vulnerabilities/98449nvdThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.