{"vulnerability": "cve-2023-2181", "sightings": [{"uuid": "756733ef-d4c6-47f8-bdd4-49bfa2dd02b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2181", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/2921", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-2181\n\ud83d\udd39 Description: An issue has been discovered in GitLab affecting all versions before 15.9.8, 15.10.0 before 15.10.7, and 15.11.0 before 15.11.3. A malicious developer could use a git feature called refs/replace to smuggle content into a merge request which would not be visible during review in the UI.\n\ud83d\udccf Published: 2023-05-12T00:00:00.000Z\n\ud83d\udccf Modified: 2025-01-24T15:47:03.675Z\n\ud83d\udd17 References:\n1. https://gitlab.com/gitlab-org/gitlab/-/issues/407859\n2. https://hackerone.com/reports/1938185\n3. https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-2181.json", "creation_timestamp": "2025-01-24T16:04:43.000000Z"}, {"uuid": "6f634405-8168-413a-9bc8-6bcb072abf3c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21817", "type": "published-proof-of-concept", "source": "https://t.me/poxek/2815", "content": "\ud83d\udd25Minimal PoC code for Kerberos Unlock LPE (CVE-2023-21817)", "creation_timestamp": "2023-04-11T18:58:39.000000Z"}, {"uuid": "4580bcf5-90b9-41c3-86d1-83e4c7fb92de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21817", "type": "seen", "source": "https://t.me/arpsyndicate/2752", "content": "#ExploitObserverAlert\n\nCVE-2023-21817\n\nDESCRIPTION: Exploit Observer has 9 entries related to CVE-2023-21817. Windows Kerberos Elevation of Privilege Vulnerability\n\nFIRST-EPSS: 0.001220000\nNVD-IS: 5.9\nNVD-ES: 1.8", "creation_timestamp": "2024-01-09T14:02:05.000000Z"}, {"uuid": "225efca9-8ec3-40c0-937e-b0456f308088", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2181", "type": "seen", "source": "https://t.me/cibsecurity/64068", "content": "\u203c CVE-2023-2181 \u203c\n\nAn issue has been discovered in GitLab affecting all versions before 15.9.8, 15.10.0 before 15.10.7, and 15.11.0 before 15.11.3. A malicious developer could use a git feature called refs/replace to smuggle content into a merge request which would not be visible during review in the UI.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-13T00:27:22.000000Z"}, {"uuid": "99954a7b-6ce5-4d61-825a-ceaf1b006326", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21815", "type": "seen", "source": "https://t.me/cibsecurity/58185", "content": "\u203c CVE-2023-21815 \u203c\n\nVisual Studio Remote Code Execution Vulnerability\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-15T00:35:48.000000Z"}, {"uuid": "ec33112e-8bca-427b-90fc-d2622fd8ce14", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21812", "type": "seen", "source": "https://t.me/cibsecurity/58179", "content": "\u203c CVE-2023-21812 \u203c\n\nWindows Common Log File System Driver Elevation of Privilege Vulnerability\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-14T22:42:13.000000Z"}, {"uuid": "0b6f0ba5-b4ba-4628-9fbe-179277f5ab11", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21818", "type": "seen", "source": "https://t.me/cibsecurity/58173", "content": "\u203c CVE-2023-21818 \u203c\n\nWindows Secure Channel Denial of Service Vulnerability\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-14T22:42:04.000000Z"}]}