{"vulnerability": "cve-2023-2589", "sightings": [{"uuid": "a0b0b714-bb59-4e09-9ea9-12e9a8dff8d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2589", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/457", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-2589\n\ud83d\udd39 Description: An issue has been discovered in GitLab EE affecting all versions starting from 12.0 before 15.10.8, all versions starting from 15.11 before 15.11.7, all versions starting from 16.0 before 16.0.2. An attacker can clone a repository from a public project, from a disallowed IP, even after the top-level group has enabled IP restrictions on the group.\n\ud83d\udccf Published: 2023-06-07T00:00:00\n\ud83d\udccf Modified: 2025-01-07T16:25:26.100Z\n\ud83d\udd17 References:\n1. https://gitlab.com/gitlab-org/gitlab/-/issues/407891\n2. https://hackerone.com/reports/1941803\n3. https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-2589.json", "creation_timestamp": "2025-01-07T16:38:52.000000Z"}, {"uuid": "0cb118fb-0c12-47b1-bd5a-90bc50cb7059", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25893", "type": "seen", "source": "https://t.me/cibsecurity/60940", "content": "\u203c CVE-2023-25893 \u203c\n\nAdobe Dimension versions 3.4.7 (and earlier) is affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-29T00:40:04.000000Z"}, {"uuid": "1d68b0ac-5b16-42d8-8b61-6866d3fb5689", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25897", "type": "seen", "source": "https://t.me/cibsecurity/60932", "content": "\u203c CVE-2023-25897 \u203c\n\nAdobe Dimension versions 3.4.7 (and earlier) is affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-29T00:39:51.000000Z"}, {"uuid": "6c8b499f-ec3a-4b26-9011-26e13764321e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25892", "type": "seen", "source": "https://t.me/cibsecurity/60933", "content": "\u203c CVE-2023-25892 \u203c\n\nAdobe Dimension versions 3.4.7 (and earlier) is affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-29T00:39:52.000000Z"}, {"uuid": "d6e8f085-e132-41fa-9d3c-6888ed4e875c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25891", "type": "seen", "source": "https://t.me/cibsecurity/60972", "content": "\u203c CVE-2023-25891 \u203c\n\nAdobe Dimension versions 3.4.7 (and earlier) is affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-29T00:49:53.000000Z"}, {"uuid": "46c1fd6f-53c2-4697-86ff-2c0beb38e9b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25894", "type": "seen", "source": "https://t.me/cibsecurity/60930", "content": "\u203c CVE-2023-25894 \u203c\n\nAdobe Dimension versions 3.4.7 (and earlier) is affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-29T00:39:50.000000Z"}]}