Action not permitted
Modal body text goes here.
Modal Title
Modal Body
WID-SEC-W-2023-2520
Vulnerability from csaf_certbund - Published: 2023-09-28 22:00 - Updated: 2023-09-28 22:00Summary
GitLab: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
GitLab ist eine Webanwendung zur Versionsverwaltung für Softwareprojekte auf Basis von git.
Angriff
Ein entfernter, authentisierter Angreifer kann mehrere Schwachstellen in GitLab ausnutzen, um beliebigen Programmcode mit Rechten des Benutzers auszuführen, Sicherheitsvorkehrungen zu umgehen, Informationen offenzulegen oder Dateien zu manipulieren.
Betroffene Betriebssysteme
- UNIX
- Linux
- Windows
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "GitLab ist eine Webanwendung zur Versionsverwaltung f\u00fcr Softwareprojekte auf Basis von git.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, authentisierter Angreifer kann mehrere Schwachstellen in GitLab ausnutzen, um beliebigen Programmcode mit Rechten des Benutzers auszuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, Informationen offenzulegen oder Dateien zu manipulieren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- UNIX\n- Linux\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2023-2520 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2520.json"
},
{
"category": "self",
"summary": "WID-SEC-2023-2520 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2520"
},
{
"category": "external",
"summary": "GitLab Security Advisory vom 2023-09-28",
"url": "https://about.gitlab.com/releases/2023/09/28/security-release-gitlab-16-4-1-released/"
}
],
"source_lang": "en-US",
"title": "GitLab: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2023-09-28T22:00:00.000+00:00",
"generator": {
"date": "2024-08-15T17:59:15.303+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2023-2520",
"initial_release_date": "2023-09-28T22:00:00.000+00:00",
"revision_history": [
{
"date": "2023-09-28T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Open Source GitLab \u003c 16.4.1 Community Edition",
"product": {
"name": "Open Source GitLab \u003c 16.4.1 Community Edition",
"product_id": "T030166",
"product_identification_helper": {
"cpe": "cpe:/a:gitlab:gitlab:16.4.1_community_edition"
}
}
},
{
"category": "product_name",
"name": "Open Source GitLab \u003c 16.3.5 Community Edition",
"product": {
"name": "Open Source GitLab \u003c 16.3.5 Community Edition",
"product_id": "T030167",
"product_identification_helper": {
"cpe": "cpe:/a:gitlab:gitlab:16.3.5_community_edition"
}
}
},
{
"category": "product_name",
"name": "Open Source GitLab \u003c 16.2.8 Community Edition",
"product": {
"name": "Open Source GitLab \u003c 16.2.8 Community Edition",
"product_id": "T030168",
"product_identification_helper": {
"cpe": "cpe:/a:gitlab:gitlab:16.2.8_community_edition"
}
}
},
{
"category": "product_name",
"name": "Open Source GitLab \u003c 16.2.8 Enterprise Edition",
"product": {
"name": "Open Source GitLab \u003c 16.2.8 Enterprise Edition",
"product_id": "T030169",
"product_identification_helper": {
"cpe": "cpe:/a:gitlab:gitlab:16.2.8_enterprise_edition"
}
}
},
{
"category": "product_name",
"name": "Open Source GitLab \u003c 16.3.5 Enterprise Edition",
"product": {
"name": "Open Source GitLab \u003c 16.3.5 Enterprise Edition",
"product_id": "T030170",
"product_identification_helper": {
"cpe": "cpe:/a:gitlab:gitlab:16.3.5_enterprise_edition"
}
}
},
{
"category": "product_name",
"name": "Open Source GitLab \u003c 16.4.1 Enterprise Edition",
"product": {
"name": "Open Source GitLab \u003c 16.4.1 Enterprise Edition",
"product_id": "T030171",
"product_identification_helper": {
"cpe": "cpe:/a:gitlab:gitlab:16.4.1_enterprise_edition"
}
}
}
],
"category": "product_name",
"name": "GitLab"
}
],
"category": "vendor",
"name": "Open Source"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-5207",
"notes": [
{
"category": "description",
"text": "In GitLab existieren mehrere Schwachstellen. Ein entfernter, authentisierter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode mit Rechten des Benutzers auszuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, Informationen offenzulegen oder Dateien zu manipulieren. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"release_date": "2023-09-28T22:00:00.000+00:00",
"title": "CVE-2023-5207"
},
{
"cve": "CVE-2023-5198",
"notes": [
{
"category": "description",
"text": "In GitLab existieren mehrere Schwachstellen. Ein entfernter, authentisierter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode mit Rechten des Benutzers auszuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, Informationen offenzulegen oder Dateien zu manipulieren. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"release_date": "2023-09-28T22:00:00.000+00:00",
"title": "CVE-2023-5198"
},
{
"cve": "CVE-2023-5106",
"notes": [
{
"category": "description",
"text": "In GitLab existieren mehrere Schwachstellen. Ein entfernter, authentisierter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode mit Rechten des Benutzers auszuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, Informationen offenzulegen oder Dateien zu manipulieren. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"release_date": "2023-09-28T22:00:00.000+00:00",
"title": "CVE-2023-5106"
},
{
"cve": "CVE-2023-4658",
"notes": [
{
"category": "description",
"text": "In GitLab existieren mehrere Schwachstellen. Ein entfernter, authentisierter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode mit Rechten des Benutzers auszuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, Informationen offenzulegen oder Dateien zu manipulieren. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"release_date": "2023-09-28T22:00:00.000+00:00",
"title": "CVE-2023-4658"
},
{
"cve": "CVE-2023-4532",
"notes": [
{
"category": "description",
"text": "In GitLab existieren mehrere Schwachstellen. Ein entfernter, authentisierter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode mit Rechten des Benutzers auszuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, Informationen offenzulegen oder Dateien zu manipulieren. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"release_date": "2023-09-28T22:00:00.000+00:00",
"title": "CVE-2023-4532"
},
{
"cve": "CVE-2023-4379",
"notes": [
{
"category": "description",
"text": "In GitLab existieren mehrere Schwachstellen. Ein entfernter, authentisierter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode mit Rechten des Benutzers auszuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, Informationen offenzulegen oder Dateien zu manipulieren. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"release_date": "2023-09-28T22:00:00.000+00:00",
"title": "CVE-2023-4379"
},
{
"cve": "CVE-2023-3979",
"notes": [
{
"category": "description",
"text": "In GitLab existieren mehrere Schwachstellen. Ein entfernter, authentisierter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode mit Rechten des Benutzers auszuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, Informationen offenzulegen oder Dateien zu manipulieren. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"release_date": "2023-09-28T22:00:00.000+00:00",
"title": "CVE-2023-3979"
},
{
"cve": "CVE-2023-3922",
"notes": [
{
"category": "description",
"text": "In GitLab existieren mehrere Schwachstellen. Ein entfernter, authentisierter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode mit Rechten des Benutzers auszuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, Informationen offenzulegen oder Dateien zu manipulieren. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"release_date": "2023-09-28T22:00:00.000+00:00",
"title": "CVE-2023-3922"
},
{
"cve": "CVE-2023-3920",
"notes": [
{
"category": "description",
"text": "In GitLab existieren mehrere Schwachstellen. Ein entfernter, authentisierter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode mit Rechten des Benutzers auszuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, Informationen offenzulegen oder Dateien zu manipulieren. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"release_date": "2023-09-28T22:00:00.000+00:00",
"title": "CVE-2023-3920"
},
{
"cve": "CVE-2023-3917",
"notes": [
{
"category": "description",
"text": "In GitLab existieren mehrere Schwachstellen. Ein entfernter, authentisierter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode mit Rechten des Benutzers auszuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, Informationen offenzulegen oder Dateien zu manipulieren. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"release_date": "2023-09-28T22:00:00.000+00:00",
"title": "CVE-2023-3917"
},
{
"cve": "CVE-2023-3914",
"notes": [
{
"category": "description",
"text": "In GitLab existieren mehrere Schwachstellen. Ein entfernter, authentisierter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode mit Rechten des Benutzers auszuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, Informationen offenzulegen oder Dateien zu manipulieren. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"release_date": "2023-09-28T22:00:00.000+00:00",
"title": "CVE-2023-3914"
},
{
"cve": "CVE-2023-3906",
"notes": [
{
"category": "description",
"text": "In GitLab existieren mehrere Schwachstellen. Ein entfernter, authentisierter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode mit Rechten des Benutzers auszuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, Informationen offenzulegen oder Dateien zu manipulieren. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"release_date": "2023-09-28T22:00:00.000+00:00",
"title": "CVE-2023-3906"
},
{
"cve": "CVE-2023-3413",
"notes": [
{
"category": "description",
"text": "In GitLab existieren mehrere Schwachstellen. Ein entfernter, authentisierter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode mit Rechten des Benutzers auszuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, Informationen offenzulegen oder Dateien zu manipulieren. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"release_date": "2023-09-28T22:00:00.000+00:00",
"title": "CVE-2023-3413"
},
{
"cve": "CVE-2023-3115",
"notes": [
{
"category": "description",
"text": "In GitLab existieren mehrere Schwachstellen. Ein entfernter, authentisierter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode mit Rechten des Benutzers auszuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, Informationen offenzulegen oder Dateien zu manipulieren. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"release_date": "2023-09-28T22:00:00.000+00:00",
"title": "CVE-2023-3115"
},
{
"cve": "CVE-2023-2233",
"notes": [
{
"category": "description",
"text": "In GitLab existieren mehrere Schwachstellen. Ein entfernter, authentisierter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode mit Rechten des Benutzers auszuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, Informationen offenzulegen oder Dateien zu manipulieren. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"release_date": "2023-09-28T22:00:00.000+00:00",
"title": "CVE-2023-2233"
},
{
"cve": "CVE-2023-0989",
"notes": [
{
"category": "description",
"text": "In GitLab existieren mehrere Schwachstellen. Ein entfernter, authentisierter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode mit Rechten des Benutzers auszuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, Informationen offenzulegen oder Dateien zu manipulieren. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"release_date": "2023-09-28T22:00:00.000+00:00",
"title": "CVE-2023-0989"
}
]
}
CVE-2023-3914 (GCVE-0-2023-3914)
Vulnerability from cvelistv5 – Published: 2023-09-29 06:02 – Updated: 2025-11-20 04:08
VLAI?
EPSS
Summary
A business logic error in GitLab EE affecting all versions prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1 allows access to internal projects. A service account is not deleted when a namespace is deleted, allowing access to internal projects.
Severity ?
5.4 (Medium)
CWE
- CWE-286 - Incorrect User Management
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
Credits
Thanks [joaxcar](https://hackerone.com/joaxcar) for reporting this vulnerability through our HackerOne bug bounty program
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "gitlab",
"vendor": "gitlab",
"versions": [
{
"lessThan": "16.2.8",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:gitlab:gitlab:16.3.0:*:*:*:enterprise:*:*:*"
],
"defaultStatus": "unaffected",
"product": "gitlab",
"vendor": "gitlab",
"versions": [
{
"lessThan": "16.3.5",
"status": "affected",
"version": "16.3.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:gitlab:gitlab:16.4.0:*:*:*:enterprise:*:*:*"
],
"defaultStatus": "unaffected",
"product": "gitlab",
"vendor": "gitlab",
"versions": [
{
"lessThan": "16.4.1",
"status": "affected",
"version": "16.4.0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-3914",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-24T13:49:27.658392Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-17T16:02:38.191Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:08:50.677Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GitLab Issue #418115",
"tags": [
"issue-tracking",
"x_transferred"
],
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/418115"
},
{
"name": "HackerOne Bug Bounty Report #2040822",
"tags": [
"technical-description",
"exploit",
"x_transferred"
],
"url": "https://hackerone.com/reports/2040822"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "GitLab",
"repo": "git://git@gitlab.com:gitlab-org/gitlab.git",
"vendor": "GitLab",
"versions": [
{
"lessThan": "16.2.8",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "16.3.5",
"status": "affected",
"version": "16.3",
"versionType": "semver"
},
{
"lessThan": "16.4.1",
"status": "affected",
"version": "16.4",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Thanks [joaxcar](https://hackerone.com/joaxcar) for reporting this vulnerability through our HackerOne bug bounty program"
}
],
"descriptions": [
{
"lang": "en",
"value": "A business logic error in GitLab EE affecting all versions prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1 allows access to internal projects. A service account is not deleted when a namespace is deleted, allowing access to internal projects."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-286",
"description": "CWE-286: Incorrect User Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-20T04:08:33.278Z",
"orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
"shortName": "GitLab"
},
"references": [
{
"name": "GitLab Issue #418115",
"tags": [
"issue-tracking"
],
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/418115"
},
{
"name": "HackerOne Bug Bounty Report #2040822",
"tags": [
"technical-description",
"exploit",
"permissions-required"
],
"url": "https://hackerone.com/reports/2040822"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to version 16.4.1, 16.3.5 or 16.2.8"
}
],
"title": "Incorrect User Management in GitLab"
}
},
"cveMetadata": {
"assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
"assignerShortName": "GitLab",
"cveId": "CVE-2023-3914",
"datePublished": "2023-09-29T06:02:21.304Z",
"dateReserved": "2023-07-25T10:30:31.597Z",
"dateUpdated": "2025-11-20T04:08:33.278Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-5106 (GCVE-0-2023-5106)
Vulnerability from cvelistv5 – Published: 2023-10-02 11:49 – Updated: 2024-10-05 04:04
VLAI?
EPSS
Summary
An issue has been discovered in Ultimate-licensed GitLab EE affecting all versions starting 13.12 prior to 16.2.8, 16.3.0 prior to 16.3.5, and 16.4.0 prior to 16.4.1 that could allow an attacker to impersonate users in CI pipelines through direct transfer group imports.
Severity ?
8.2 (High)
CWE
- CWE-863 - Incorrect Authorization
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
Credits
This vulnerability has been discovered internally by GitLab team member Joern Schneeweisz
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:44:53.795Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://gitlab.com/gitlab-org/gitlab/-/commit/67039cfcae80b8fc0496f79be88714873cd169b3"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-5106",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-30T15:13:29.457533Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-30T15:13:45.888Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "GitLab",
"repo": "git://git@gitlab.com:gitlab-org/gitlab.git",
"vendor": "GitLab",
"versions": [
{
"lessThan": "16.2.8",
"status": "affected",
"version": "13.12",
"versionType": "semver"
},
{
"lessThan": "16.3.5",
"status": "affected",
"version": "16.3.0",
"versionType": "semver"
},
{
"lessThan": "16.4.1",
"status": "affected",
"version": "16.4.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "This vulnerability has been discovered internally by GitLab team member Joern Schneeweisz"
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue has been discovered in Ultimate-licensed GitLab EE affecting all versions starting 13.12 prior to 16.2.8, 16.3.0 prior to 16.3.5, and 16.4.0 prior to 16.4.1 that could allow an attacker to impersonate users in CI pipelines through direct transfer group imports."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863: Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-05T04:04:21.739Z",
"orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
"shortName": "GitLab"
},
"references": [
{
"name": "GitLab Commit",
"url": "https://gitlab.com/gitlab-org/gitlab/-/commit/67039cfcae80b8fc0496f79be88714873cd169b3"
},
{
"name": "GitLab Issue #980",
"tags": [
"permissions-required"
],
"url": "https://gitlab.com/gitlab-org/security/gitlab/-/issues/980"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to version 16.2.8, 16.3.5, 16.4.1. If it is not viable to immediately upgrade to a patched version, risk of exploitation can be mitigated by ensuring the [Migrate groups by direct transfer](https://docs.gitlab.com/ee/user/group/import/index.html#migrate-groups-by-direct-transfer-recommended) feature is disabled until GitLab has been upgraded."
}
],
"title": "Incorrect Authorization in GitLab"
}
},
"cveMetadata": {
"assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
"assignerShortName": "GitLab",
"cveId": "CVE-2023-5106",
"datePublished": "2023-10-02T11:49:56.333Z",
"dateReserved": "2023-09-21T10:30:28.355Z",
"dateUpdated": "2024-10-05T04:04:21.739Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-0989 (GCVE-0-2023-0989)
Vulnerability from cvelistv5 – Published: 2023-09-29 06:30 – Updated: 2025-11-20 04:06
VLAI?
EPSS
Summary
An information disclosure issue in GitLab CE/EE affecting all versions starting from 13.11 prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1 allows an attacker to extract non-protected CI/CD variables by tricking a user to visit a fork with a malicious CI/CD configuration.
Severity ?
4.3 (Medium)
CWE
- CWE-282 - Improper Ownership Management
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
Credits
Thanks [shells3c](https://hackerone.com/shells3c) for reporting this vulnerability through our HackerOne bug bounty program
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-0989",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-24T13:25:59.406671Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-26T18:06:41.933Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T05:32:46.144Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GitLab Issue #417275",
"tags": [
"issue-tracking",
"x_transferred"
],
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/417275"
},
{
"name": "HackerOne Bug Bounty Report #1875515",
"tags": [
"technical-description",
"exploit",
"x_transferred"
],
"url": "https://hackerone.com/reports/1875515"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "GitLab",
"repo": "git://git@gitlab.com:gitlab-org/gitlab.git",
"vendor": "GitLab",
"versions": [
{
"lessThan": "16.2.8",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "16.3.5",
"status": "affected",
"version": "16.3",
"versionType": "semver"
},
{
"lessThan": "16.4.1",
"status": "affected",
"version": "16.4",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Thanks [shells3c](https://hackerone.com/shells3c) for reporting this vulnerability through our HackerOne bug bounty program"
}
],
"descriptions": [
{
"lang": "en",
"value": "An information disclosure issue in GitLab CE/EE affecting all versions starting from 13.11 prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1 allows an attacker to extract non-protected CI/CD variables by tricking a user to visit a fork with a malicious CI/CD configuration."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-282",
"description": "CWE-282: Improper Ownership Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-20T04:06:08.264Z",
"orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
"shortName": "GitLab"
},
"references": [
{
"name": "GitLab Issue #417275",
"tags": [
"issue-tracking"
],
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/417275"
},
{
"name": "HackerOne Bug Bounty Report #1875515",
"tags": [
"technical-description",
"exploit",
"permissions-required"
],
"url": "https://hackerone.com/reports/1875515"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to versions 16.4.1, 16.3.5, 16.2.8 or above."
}
],
"title": "Improper Ownership Management in GitLab"
}
},
"cveMetadata": {
"assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
"assignerShortName": "GitLab",
"cveId": "CVE-2023-0989",
"datePublished": "2023-09-29T06:30:56.081Z",
"dateReserved": "2023-02-23T15:20:44.570Z",
"dateUpdated": "2025-11-20T04:06:08.264Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-3917 (GCVE-0-2023-3917)
Vulnerability from cvelistv5 – Published: 2023-09-29 06:02 – Updated: 2025-11-20 04:08
VLAI?
EPSS
Summary
Denial of Service in pipelines affecting all versions of Gitlab EE and CE prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1 allows attacker to cause pipelines to fail.
Severity ?
4.3 (Medium)
CWE
- CWE-1287 - Improper Validation of Specified Type of Input
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
Credits
Thanks [js_noob](https://hackerone.com/js_noob) for reporting this vulnerability through our HackerOne bug bounty program
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:08:50.793Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GitLab Issue #417896",
"tags": [
"issue-tracking",
"x_transferred"
],
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/417896"
},
{
"name": "HackerOne Bug Bounty Report #2055158",
"tags": [
"technical-description",
"exploit",
"x_transferred"
],
"url": "https://hackerone.com/reports/2055158"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-3917",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-30T15:40:36.735432Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-30T15:40:49.497Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "GitLab",
"repo": "git://git@gitlab.com:gitlab-org/gitlab.git",
"vendor": "GitLab",
"versions": [
{
"lessThan": "16.2.8",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "16.3.5",
"status": "affected",
"version": "16.3",
"versionType": "semver"
},
{
"lessThan": "16.4.1",
"status": "affected",
"version": "16.4",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Thanks [js_noob](https://hackerone.com/js_noob) for reporting this vulnerability through our HackerOne bug bounty program"
}
],
"descriptions": [
{
"lang": "en",
"value": "Denial of Service in pipelines affecting all versions of Gitlab EE and CE prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1 allows attacker to cause pipelines to fail."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1287",
"description": "CWE-1287: Improper Validation of Specified Type of Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-20T04:08:43.256Z",
"orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
"shortName": "GitLab"
},
"references": [
{
"name": "GitLab Issue #417896",
"tags": [
"issue-tracking"
],
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/417896"
},
{
"name": "HackerOne Bug Bounty Report #2055158",
"tags": [
"technical-description",
"exploit",
"permissions-required"
],
"url": "https://hackerone.com/reports/2055158"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to version 16.4.1, 16.3.5 or 16.2.8"
}
],
"title": "Improper Validation of Specified Type of Input in GitLab"
}
},
"cveMetadata": {
"assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
"assignerShortName": "GitLab",
"cveId": "CVE-2023-3917",
"datePublished": "2023-09-29T06:02:26.304Z",
"dateReserved": "2023-07-25T10:30:32.198Z",
"dateUpdated": "2025-11-20T04:08:43.256Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-4658 (GCVE-0-2023-4658)
Vulnerability from cvelistv5 – Published: 2023-12-01 07:01 – Updated: 2025-11-20 04:09
VLAI?
EPSS
Summary
An issue has been discovered in GitLab EE affecting all versions starting from 8.13 before 16.4.3, all versions starting from 16.5 before 16.5.3, all versions starting from 16.6 before 16.6.1. It was possible for an attacker to abuse the `Allowed to merge` permission as a guest user, when granted the permission through a group.
Severity ?
CWE
- CWE-863 - Incorrect Authorization
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
Credits
Thanks [theluci](https://hackerone.com/theluci) for reporting this vulnerability through our HackerOne bug bounty program
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:31:06.624Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GitLab Issue #423835",
"tags": [
"issue-tracking",
"x_transferred"
],
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/423835"
},
{
"name": "HackerOne Bug Bounty Report #2104540",
"tags": [
"technical-description",
"exploit",
"x_transferred"
],
"url": "https://hackerone.com/reports/2104540"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "GitLab",
"repo": "git://git@gitlab.com:gitlab-org/gitlab.git",
"vendor": "GitLab",
"versions": [
{
"lessThan": "16.4.3",
"status": "affected",
"version": "8.13",
"versionType": "semver"
},
{
"lessThan": "16.5.3",
"status": "affected",
"version": "16.5",
"versionType": "semver"
},
{
"lessThan": "16.6.1",
"status": "affected",
"version": "16.6",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Thanks [theluci](https://hackerone.com/theluci) for reporting this vulnerability through our HackerOne bug bounty program"
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue has been discovered in GitLab EE affecting all versions starting from 8.13 before 16.4.3, all versions starting from 16.5 before 16.5.3, all versions starting from 16.6 before 16.6.1. It was possible for an attacker to abuse the `Allowed to merge` permission as a guest user, when granted the permission through a group."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863: Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-20T04:09:48.351Z",
"orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
"shortName": "GitLab"
},
"references": [
{
"name": "GitLab Issue #423835",
"tags": [
"issue-tracking"
],
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/423835"
},
{
"name": "HackerOne Bug Bounty Report #2104540",
"tags": [
"technical-description",
"exploit",
"permissions-required"
],
"url": "https://hackerone.com/reports/2104540"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to versions 16.4.3, 16.5.3, 16.6.1 or above."
}
],
"title": "Incorrect Authorization in GitLab"
}
},
"cveMetadata": {
"assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
"assignerShortName": "GitLab",
"cveId": "CVE-2023-4658",
"datePublished": "2023-12-01T07:01:58.125Z",
"dateReserved": "2023-08-31T05:30:28.470Z",
"dateUpdated": "2025-11-20T04:09:48.351Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-5198 (GCVE-0-2023-5198)
Vulnerability from cvelistv5 – Published: 2023-09-29 07:01 – Updated: 2025-11-20 04:10
VLAI?
EPSS
Summary
An issue has been discovered in GitLab affecting all versions prior to 16.2.7, all versions starting from 16.3 before 16.3.5, and all versions starting from 16.4 before 16.4.1. It was possible for a removed project member to write to protected branches using deploy keys.
Severity ?
4.3 (Medium)
CWE
- CWE-863 - Incorrect Authorization
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
Credits
Thanks [theluci](https://hackerone.com/theluci) for reporting this vulnerability through our HackerOne bug bounty program
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:52:07.928Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GitLab Issue #416957",
"tags": [
"issue-tracking",
"x_transferred"
],
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/416957"
},
{
"name": "HackerOne Bug Bounty Report #2041789",
"tags": [
"technical-description",
"exploit",
"x_transferred"
],
"url": "https://hackerone.com/reports/2041789"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-5198",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-30T15:12:22.702062Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-30T15:12:36.058Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "GitLab",
"repo": "git://git@gitlab.com:gitlab-org/gitlab.git",
"vendor": "GitLab",
"versions": [
{
"lessThanOrEqual": "16.2.7",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "16.3.5",
"status": "affected",
"version": "16.3",
"versionType": "semver"
},
{
"lessThan": "16.4.1",
"status": "affected",
"version": "16.4",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Thanks [theluci](https://hackerone.com/theluci) for reporting this vulnerability through our HackerOne bug bounty program"
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue has been discovered in GitLab affecting all versions prior to 16.2.7, all versions starting from 16.3 before 16.3.5, and all versions starting from 16.4 before 16.4.1. It was possible for a removed project member to write to protected branches using deploy keys."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863: Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-20T04:10:23.938Z",
"orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
"shortName": "GitLab"
},
"references": [
{
"name": "GitLab Issue #416957",
"tags": [
"issue-tracking"
],
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/416957"
},
{
"name": "HackerOne Bug Bounty Report #2041789",
"tags": [
"technical-description",
"exploit",
"permissions-required"
],
"url": "https://hackerone.com/reports/2041789"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to versions 16.4.1, 16.3.5, 16.2.8 or above."
}
],
"title": "Incorrect Authorization in GitLab"
}
},
"cveMetadata": {
"assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
"assignerShortName": "GitLab",
"cveId": "CVE-2023-5198",
"datePublished": "2023-09-29T07:01:42.219Z",
"dateReserved": "2023-09-26T10:01:49.676Z",
"dateUpdated": "2025-11-20T04:10:23.938Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-2233 (GCVE-0-2023-2233)
Vulnerability from cvelistv5 – Published: 2023-09-29 06:30 – Updated: 2025-11-20 04:06
VLAI?
EPSS
Summary
An improper authorization issue has been discovered in GitLab CE/EE affecting all versions starting from 11.8 before 16.2.8, all versions starting from 16.3 before 16.3.5 and all versions starting from 16.4 before 16.4.1. It allows a project reporter to leak the owner's Sentry instance projects.
Severity ?
CWE
- CWE-862 - Missing Authorization
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
Credits
Thanks [js_noob](https://hackerone.com/js_noob) for reporting this vulnerability through our HackerOne bug bounty program
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T06:19:13.579Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GitLab Issue #408359",
"tags": [
"issue-tracking",
"x_transferred"
],
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/408359"
},
{
"name": "HackerOne Bug Bounty Report #1947211",
"tags": [
"technical-description",
"exploit",
"x_transferred"
],
"url": "https://hackerone.com/reports/1947211"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-2233",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-30T14:19:07.736908Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-30T14:19:35.595Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "GitLab",
"repo": "git://git@gitlab.com:gitlab-org/gitlab.git",
"vendor": "GitLab",
"versions": [
{
"lessThan": "16.2.8",
"status": "affected",
"version": "11.8",
"versionType": "semver"
},
{
"lessThan": "16.3.5",
"status": "affected",
"version": "16.3",
"versionType": "semver"
},
{
"lessThan": "16.4.1",
"status": "affected",
"version": "16.4",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Thanks [js_noob](https://hackerone.com/js_noob) for reporting this vulnerability through our HackerOne bug bounty program"
}
],
"descriptions": [
{
"lang": "en",
"value": "An improper authorization issue has been discovered in GitLab CE/EE affecting all versions starting from 11.8 before 16.2.8, all versions starting from 16.3 before 16.3.5 and all versions starting from 16.4 before 16.4.1. It allows a project reporter to leak the owner\u0027s Sentry instance projects."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862: Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-20T04:06:48.254Z",
"orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
"shortName": "GitLab"
},
"references": [
{
"name": "GitLab Issue #408359",
"tags": [
"issue-tracking"
],
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/408359"
},
{
"name": "HackerOne Bug Bounty Report #1947211",
"tags": [
"technical-description",
"exploit",
"permissions-required"
],
"url": "https://hackerone.com/reports/1947211"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to versions 16.2.x, 16.3.x, 16.4.x or above."
}
],
"title": "Missing Authorization in GitLab"
}
},
"cveMetadata": {
"assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
"assignerShortName": "GitLab",
"cveId": "CVE-2023-2233",
"datePublished": "2023-09-29T06:30:51.179Z",
"dateReserved": "2023-04-21T14:27:20.134Z",
"dateUpdated": "2025-11-20T04:06:48.254Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-4379 (GCVE-0-2023-4379)
Vulnerability from cvelistv5 – Published: 2023-11-09 21:01 – Updated: 2024-10-03 06:23
VLAI?
EPSS
Summary
An issue has been discovered in GitLab EE affecting all versions starting from 15.3 prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1. Code owner approval was not removed from merge requests when the target branch was updated.
Severity ?
8.1 (High)
CWE
- CWE-863 - Incorrect Authorization
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
Credits
This issue was reported by a customer.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:24:04.500Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GitLab Issue #415496",
"tags": [
"issue-tracking",
"x_transferred"
],
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/415496"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-4379",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-30T15:30:35.330645Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-30T15:39:21.250Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "GitLab",
"repo": "git://git@gitlab.com:gitlab-org/gitlab.git",
"vendor": "GitLab",
"versions": [
{
"lessThan": "16.2.8",
"status": "affected",
"version": "15.3",
"versionType": "semver"
},
{
"lessThan": "16.3.5",
"status": "affected",
"version": "16.3",
"versionType": "semver"
},
{
"lessThan": "16.4.1",
"status": "affected",
"version": "16.4",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "This issue was reported by a customer."
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue has been discovered in GitLab EE affecting all versions starting from 15.3 prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1. Code owner approval was not removed from merge requests when the target branch was updated."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863: Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-03T06:23:14.529Z",
"orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
"shortName": "GitLab"
},
"references": [
{
"name": "GitLab Issue #415496",
"tags": [
"issue-tracking"
],
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/415496"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to version 16.2.8, 16.3.5, 16.4.1 or above"
}
],
"title": "Incorrect Authorization in GitLab"
}
},
"cveMetadata": {
"assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
"assignerShortName": "GitLab",
"cveId": "CVE-2023-4379",
"datePublished": "2023-11-09T21:01:10.733Z",
"dateReserved": "2023-08-16T03:30:27.793Z",
"dateUpdated": "2024-10-03T06:23:14.529Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-4532 (GCVE-0-2023-4532)
Vulnerability from cvelistv5 – Published: 2023-09-29 06:02 – Updated: 2025-11-20 04:09
VLAI?
EPSS
Summary
An issue has been discovered in GitLab affecting all versions starting from 16.2 before 16.2.8, all versions starting from 16.3 before 16.3.5, all versions starting from 16.4 before 16.4.1. Users were capable of linking CI/CD jobs of private projects which they are not a member of.
Severity ?
4.3 (Medium)
CWE
- CWE-863 - Incorrect Authorization
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
Credits
Thanks [ricardobrito](https://hackerone.com/ricardobrito) for reporting this vulnerability through our HackerOne bug bounty program
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:gitlab:gitlab:16.2:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "gitlab",
"vendor": "gitlab",
"versions": [
{
"lessThan": "16.2.8",
"status": "affected",
"version": "16.2",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:gitlab:gitlab:16.4:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "gitlab",
"vendor": "gitlab",
"versions": [
{
"lessThan": "16.4.1",
"status": "affected",
"version": "16.4",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:gitlab:gitlab:16.3:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "gitlab",
"vendor": "gitlab",
"versions": [
{
"lessThan": "16.3.5",
"status": "affected",
"version": "16.3",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-4532",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-24T14:37:07.802802Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-17T16:03:34.673Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:31:06.033Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GitLab Issue #423357",
"tags": [
"issue-tracking",
"x_transferred"
],
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/423357"
},
{
"name": "HackerOne Bug Bounty Report #2084199",
"tags": [
"technical-description",
"exploit",
"x_transferred"
],
"url": "https://hackerone.com/reports/2084199"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "GitLab",
"repo": "git://git@gitlab.com:gitlab-org/gitlab.git",
"vendor": "GitLab",
"versions": [
{
"lessThan": "16.2.8",
"status": "affected",
"version": "16.2",
"versionType": "semver"
},
{
"lessThan": "16.3.5",
"status": "affected",
"version": "16.3",
"versionType": "semver"
},
{
"lessThan": "16.4.1",
"status": "affected",
"version": "16.4",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Thanks [ricardobrito](https://hackerone.com/ricardobrito) for reporting this vulnerability through our HackerOne bug bounty program"
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue has been discovered in GitLab affecting all versions starting from 16.2 before 16.2.8, all versions starting from 16.3 before 16.3.5, all versions starting from 16.4 before 16.4.1. Users were capable of linking CI/CD jobs of private projects which they are not a member of."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863: Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-20T04:09:43.683Z",
"orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
"shortName": "GitLab"
},
"references": [
{
"name": "GitLab Issue #423357",
"tags": [
"issue-tracking"
],
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/423357"
},
{
"name": "HackerOne Bug Bounty Report #2084199",
"tags": [
"technical-description",
"exploit",
"permissions-required"
],
"url": "https://hackerone.com/reports/2084199"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to versions 16.4.1, 16.3.5, 16.2.8 or above."
}
],
"title": "Incorrect Authorization in GitLab"
}
},
"cveMetadata": {
"assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
"assignerShortName": "GitLab",
"cveId": "CVE-2023-4532",
"datePublished": "2023-09-29T06:02:01.299Z",
"dateReserved": "2023-08-25T07:01:10.482Z",
"dateUpdated": "2025-11-20T04:09:43.683Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-5207 (GCVE-0-2023-5207)
Vulnerability from cvelistv5 – Published: 2023-09-30 08:30 – Updated: 2025-11-20 04:10
VLAI?
EPSS
Summary
A vulnerability was discovered in GitLab CE and EE affecting all versions starting 16.0 prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1. An authenticated attacker could perform arbitrary pipeline execution under the context of another user.
Severity ?
8.2 (High)
CWE
- CWE-250 - Execution with Unnecessary Privileges
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
Credits
Thanks [joaxcar](https://hackerone.com/joaxcar) for reporting this vulnerability through our HackerOne bug bounty program
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-5207",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-24T18:29:24.441970Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-17T15:48:48.009Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:52:07.762Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GitLab Issue #425604",
"tags": [
"issue-tracking",
"x_transferred"
],
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/425604"
},
{
"name": "GitLab Issue #425857",
"tags": [
"issue-tracking",
"permissions-required",
"x_transferred"
],
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/425857"
},
{
"name": "HackerOne Bug Bounty Report #2174141",
"tags": [
"technical-description",
"exploit",
"x_transferred"
],
"url": "https://hackerone.com/reports/2174141"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "GitLab",
"repo": "git://git@gitlab.com:gitlab-org/gitlab.git",
"vendor": "GitLab",
"versions": [
{
"lessThan": "16.4.1",
"status": "affected",
"version": "16.4",
"versionType": "semver"
},
{
"lessThan": "16.3.5",
"status": "affected",
"version": "16.3",
"versionType": "semver"
},
{
"lessThan": "16.2.8",
"status": "affected",
"version": "16.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Thanks [joaxcar](https://hackerone.com/joaxcar) for reporting this vulnerability through our HackerOne bug bounty program"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was discovered in GitLab CE and EE affecting all versions starting 16.0 prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1. An authenticated attacker could perform arbitrary pipeline execution under the context of another user."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-250",
"description": "CWE-250: Execution with Unnecessary Privileges",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-20T04:10:28.256Z",
"orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
"shortName": "GitLab"
},
"references": [
{
"name": "GitLab Issue #425604",
"tags": [
"issue-tracking"
],
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/425604"
},
{
"name": "GitLab Issue #425857",
"tags": [
"issue-tracking",
"permissions-required"
],
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/425857"
},
{
"name": "HackerOne Bug Bounty Report #2174141",
"tags": [
"technical-description",
"exploit",
"permissions-required"
],
"url": "https://hackerone.com/reports/2174141"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to versions 16.4.1, 16.3.5, 16.2.8 or above."
}
],
"title": "Execution with Unnecessary Privileges in GitLab"
}
},
"cveMetadata": {
"assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
"assignerShortName": "GitLab",
"cveId": "CVE-2023-5207",
"datePublished": "2023-09-30T08:30:30.788Z",
"dateReserved": "2023-09-26T18:01:22.360Z",
"dateUpdated": "2025-11-20T04:10:28.256Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-3906 (GCVE-0-2023-3906)
Vulnerability from cvelistv5 – Published: 2023-09-29 06:02 – Updated: 2025-11-20 04:08
VLAI?
EPSS
Summary
An input validation issue in the asset proxy in GitLab EE, affecting all versions from 12.3 prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1, allowed an authenticated attacker to craft image urls which bypass the asset proxy.
Severity ?
CWE
- CWE-1287 - Improper Validation of Specified Type of Input
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
Credits
Thanks [afewgoats](https://hackerone.com/afewgoats) for reporting this vulnerability through our HackerOne bug bounty program
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:08:50.669Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GitLab Issue #419213",
"tags": [
"issue-tracking",
"x_transferred"
],
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/419213"
},
{
"name": "HackerOne Bug Bounty Report #2071411",
"tags": [
"technical-description",
"exploit",
"x_transferred"
],
"url": "https://hackerone.com/reports/2071411"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-3906",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-30T14:28:00.520335Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-30T14:28:17.807Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "GitLab",
"repo": "git://git@gitlab.com:gitlab-org/gitlab.git",
"vendor": "GitLab",
"versions": [
{
"lessThan": "16.2.8",
"status": "affected",
"version": "12.3",
"versionType": "semver"
},
{
"lessThan": "16.3.5",
"status": "affected",
"version": "16.3",
"versionType": "semver"
},
{
"lessThan": "16.4.1",
"status": "affected",
"version": "16.4",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Thanks [afewgoats](https://hackerone.com/afewgoats) for reporting this vulnerability through our HackerOne bug bounty program"
}
],
"descriptions": [
{
"lang": "en",
"value": "An input validation issue in the asset proxy in GitLab EE, affecting all versions from 12.3 prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1, allowed an authenticated attacker to craft image urls which bypass the asset proxy."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1287",
"description": "CWE-1287: Improper Validation of Specified Type of Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-20T04:08:18.260Z",
"orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
"shortName": "GitLab"
},
"references": [
{
"name": "GitLab Issue #419213",
"tags": [
"issue-tracking"
],
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/419213"
},
{
"name": "HackerOne Bug Bounty Report #2071411",
"tags": [
"technical-description",
"exploit",
"permissions-required"
],
"url": "https://hackerone.com/reports/2071411"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to version 16.2.8, 16.3.5, 16.4.1 or above"
}
],
"title": "Improper Validation of Specified Type of Input in GitLab"
}
},
"cveMetadata": {
"assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
"assignerShortName": "GitLab",
"cveId": "CVE-2023-3906",
"datePublished": "2023-09-29T06:02:16.308Z",
"dateReserved": "2023-07-25T10:30:28.538Z",
"dateUpdated": "2025-11-20T04:08:18.260Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-3922 (GCVE-0-2023-3922)
Vulnerability from cvelistv5 – Published: 2023-09-29 07:30 – Updated: 2025-11-20 04:08
VLAI?
EPSS
Summary
An issue has been discovered in GitLab affecting all versions starting from 8.15 before 16.2.8, all versions starting from 16.3 before 16.3.5, all versions starting from 16.4 before 16.4.1. It was possible to hijack some links and buttons on the GitLab UI to a malicious page.
Severity ?
CWE
- CWE-601 - URL Redirection to Untrusted Site ('Open Redirect')
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
Credits
Thanks [ammar2](https://hackerone.com/ammar2) for reporting this vulnerability through our HackerOne bug bounty program
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-3922",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-24T14:07:32.409128Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-17T15:31:21.942Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:08:50.765Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GitLab Issue #394770",
"tags": [
"issue-tracking",
"x_transferred"
],
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/394770"
},
{
"name": "HackerOne Bug Bounty Report #1887323",
"tags": [
"technical-description",
"exploit",
"x_transferred"
],
"url": "https://hackerone.com/reports/1887323"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "GitLab",
"repo": "git://git@gitlab.com:gitlab-org/gitlab.git",
"vendor": "GitLab",
"versions": [
{
"lessThan": "16.2.8",
"status": "affected",
"version": "16.2",
"versionType": "semver"
},
{
"lessThan": "16.3.5",
"status": "affected",
"version": "16.3",
"versionType": "semver"
},
{
"lessThan": "16.4.1",
"status": "affected",
"version": "16.4",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Thanks [ammar2](https://hackerone.com/ammar2) for reporting this vulnerability through our HackerOne bug bounty program"
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue has been discovered in GitLab affecting all versions starting from 8.15 before 16.2.8, all versions starting from 16.3 before 16.3.5, all versions starting from 16.4 before 16.4.1. It was possible to hijack some links and buttons on the GitLab UI to a malicious page."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-601",
"description": "CWE-601: URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-20T04:08:53.255Z",
"orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
"shortName": "GitLab"
},
"references": [
{
"name": "GitLab Issue #394770",
"tags": [
"issue-tracking"
],
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/394770"
},
{
"name": "HackerOne Bug Bounty Report #1887323",
"tags": [
"technical-description",
"exploit",
"permissions-required"
],
"url": "https://hackerone.com/reports/1887323"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to version 16.4.1, 16.3.5, 16.2.8"
}
],
"title": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027) in GitLab"
}
},
"cveMetadata": {
"assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
"assignerShortName": "GitLab",
"cveId": "CVE-2023-3922",
"datePublished": "2023-09-29T07:30:50.402Z",
"dateReserved": "2023-07-25T10:30:45.145Z",
"dateUpdated": "2025-11-20T04:08:53.255Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-3413 (GCVE-0-2023-3413)
Vulnerability from cvelistv5 – Published: 2023-09-29 08:30 – Updated: 2025-11-20 04:07
VLAI?
EPSS
Summary
An issue has been discovered in GitLab affecting all versions starting from 16.2 before 16.2.8, all versions starting from 16.3 before 16.3.5, all versions starting from 16.4 before 16.4.1. It was possible to read the source code of a project through a fork created before changing visibility to only project members.
Severity ?
6.5 (Medium)
CWE
- CWE-201 - Insertion of Sensitive Information Into Sent Data
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
Credits
Thanks [shells3c](https://hackerone.com/shells3c) for reporting this vulnerability through our HackerOne bug bounty program
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T06:55:03.412Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GitLab Issue #416284",
"tags": [
"issue-tracking",
"x_transferred"
],
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/416284"
},
{
"name": "HackerOne Bug Bounty Report #2027967",
"tags": [
"technical-description",
"exploit",
"x_transferred"
],
"url": "https://hackerone.com/reports/2027967"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-3413",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-30T14:27:04.414291Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-30T14:27:19.075Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "GitLab",
"repo": "git://git@gitlab.com:gitlab-org/gitlab.git",
"vendor": "GitLab",
"versions": [
{
"lessThan": "16.2.8",
"status": "affected",
"version": "16.2",
"versionType": "semver"
},
{
"lessThan": "16.3.5",
"status": "affected",
"version": "16.3",
"versionType": "semver"
},
{
"lessThan": "16.4.1",
"status": "affected",
"version": "16.4",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Thanks [shells3c](https://hackerone.com/shells3c) for reporting this vulnerability through our HackerOne bug bounty program"
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue has been discovered in GitLab affecting all versions starting from 16.2 before 16.2.8, all versions starting from 16.3 before 16.3.5, all versions starting from 16.4 before 16.4.1. It was possible to read the source code of a project through a fork created before changing visibility to only project members."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-201",
"description": "CWE-201: Insertion of Sensitive Information Into Sent Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-20T04:07:38.285Z",
"orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
"shortName": "GitLab"
},
"references": [
{
"name": "GitLab Issue #416284",
"tags": [
"issue-tracking"
],
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/416284"
},
{
"name": "HackerOne Bug Bounty Report #2027967",
"tags": [
"technical-description",
"exploit",
"permissions-required"
],
"url": "https://hackerone.com/reports/2027967"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to versions 16.4.1, 16.3.5, 16.2.8 or above."
}
],
"title": "Insertion of Sensitive Information Into Sent Data in GitLab"
}
},
"cveMetadata": {
"assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
"assignerShortName": "GitLab",
"cveId": "CVE-2023-3413",
"datePublished": "2023-09-29T08:30:56.742Z",
"dateReserved": "2023-06-26T15:18:03.657Z",
"dateUpdated": "2025-11-20T04:07:38.285Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-3979 (GCVE-0-2023-3979)
Vulnerability from cvelistv5 – Published: 2023-09-29 06:02 – Updated: 2025-11-20 04:09
VLAI?
EPSS
Summary
An issue has been discovered in GitLab affecting all versions starting from 10.6 before 16.2.8, all versions starting from 16.3 before 16.3.5, all versions starting from 16.4 before 16.4.1. It was possible that upstream members to collaborate with you on your branch get permission to write to the merge request’s source branch.
Severity ?
CWE
- CWE-863 - Incorrect Authorization
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
Credits
Thanks [theluci](https://hackerone.com/theluci) for reporting this vulnerability through our HackerOne bug bounty program
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-3979",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-25T14:04:09.768079Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-25T14:04:19.222Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:08:50.787Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GitLab Issue #419972",
"tags": [
"issue-tracking",
"x_transferred"
],
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/419972"
},
{
"name": "HackerOne Bug Bounty Report #2082560",
"tags": [
"technical-description",
"exploit",
"x_transferred"
],
"url": "https://hackerone.com/reports/2082560"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "GitLab",
"repo": "git://git@gitlab.com:gitlab-org/gitlab.git",
"vendor": "GitLab",
"versions": [
{
"lessThan": "16.2.8",
"status": "affected",
"version": "10.6",
"versionType": "semver"
},
{
"lessThan": "16.3.5",
"status": "affected",
"version": "16.3",
"versionType": "semver"
},
{
"lessThan": "16.4.1",
"status": "affected",
"version": "16.4",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Thanks [theluci](https://hackerone.com/theluci) for reporting this vulnerability through our HackerOne bug bounty program"
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue has been discovered in GitLab affecting all versions starting from 10.6 before 16.2.8, all versions starting from 16.3 before 16.3.5, all versions starting from 16.4 before 16.4.1. It was possible that upstream members to collaborate with you on your branch get permission to write to the merge request\u2019s source branch."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863: Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-20T04:09:18.297Z",
"orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
"shortName": "GitLab"
},
"references": [
{
"name": "GitLab Issue #419972",
"tags": [
"issue-tracking"
],
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/419972"
},
{
"name": "HackerOne Bug Bounty Report #2082560",
"tags": [
"technical-description",
"exploit",
"permissions-required"
],
"url": "https://hackerone.com/reports/2082560"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to version 16.4.1, 16.3.5, 16.2.8"
}
],
"title": "Incorrect Authorization in GitLab"
}
},
"cveMetadata": {
"assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
"assignerShortName": "GitLab",
"cveId": "CVE-2023-3979",
"datePublished": "2023-09-29T06:02:06.310Z",
"dateReserved": "2023-07-27T18:01:01.568Z",
"dateUpdated": "2025-11-20T04:09:18.297Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-3115 (GCVE-0-2023-3115)
Vulnerability from cvelistv5 – Published: 2023-09-29 06:02 – Updated: 2025-11-20 04:06
VLAI?
EPSS
Summary
An issue has been discovered in GitLab EE affecting all versions affecting all versions from 11.11 prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1. Single Sign On restrictions were not correctly enforced for indirect project members accessing public members-only project repositories.
Severity ?
5.4 (Medium)
CWE
- CWE-286 - Incorrect User Management
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
Credits
Thanks [theluci](https://hackerone.com/theluci) for reporting this vulnerability through our HackerOne bug bounty program
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-3115",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-24T14:12:41.068956Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-17T15:31:44.506Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T06:48:07.189Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GitLab Issue #414367",
"tags": [
"issue-tracking",
"x_transferred"
],
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/414367"
},
{
"name": "HackerOne Bug Bounty Report #2004158",
"tags": [
"technical-description",
"exploit",
"x_transferred"
],
"url": "https://hackerone.com/reports/2004158"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "GitLab",
"repo": "git://git@gitlab.com:gitlab-org/gitlab.git",
"vendor": "GitLab",
"versions": [
{
"lessThan": "16.2.8",
"status": "affected",
"version": "11.11",
"versionType": "semver"
},
{
"lessThan": "16.3.5",
"status": "affected",
"version": "16.3",
"versionType": "semver"
},
{
"lessThan": "16.4.1",
"status": "affected",
"version": "16.4",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Thanks [theluci](https://hackerone.com/theluci) for reporting this vulnerability through our HackerOne bug bounty program"
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue has been discovered in GitLab EE affecting all versions affecting all versions from 11.11 prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1. Single Sign On restrictions were not correctly enforced for indirect project members accessing public members-only project repositories."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-286",
"description": "CWE-286: Incorrect User Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-20T04:06:58.296Z",
"orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
"shortName": "GitLab"
},
"references": [
{
"name": "GitLab Issue #414367",
"tags": [
"issue-tracking"
],
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/414367"
},
{
"name": "HackerOne Bug Bounty Report #2004158",
"tags": [
"technical-description",
"exploit",
"permissions-required"
],
"url": "https://hackerone.com/reports/2004158"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to versions 16.2.8, 16.3.5, 16.4.1 or above."
}
],
"title": "Incorrect User Management in GitLab"
}
},
"cveMetadata": {
"assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
"assignerShortName": "GitLab",
"cveId": "CVE-2023-3115",
"datePublished": "2023-09-29T06:02:51.300Z",
"dateReserved": "2023-06-06T03:19:59.543Z",
"dateUpdated": "2025-11-20T04:06:58.296Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-3920 (GCVE-0-2023-3920)
Vulnerability from cvelistv5 – Published: 2023-09-29 06:02 – Updated: 2025-11-20 04:08
VLAI?
EPSS
Summary
An issue has been discovered in GitLab affecting all versions starting from 11.2 before 16.2.8, all versions starting from 16.3 before 16.3.5, all versions starting from 16.4 before 16.4.1. It was possible that a maintainer to create a fork relationship between existing projects contrary to the documentation.
Severity ?
4.3 (Medium)
CWE
- CWE-863 - Incorrect Authorization
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
Credits
Thanks [theluci](https://hackerone.com/theluci) for reporting this vulnerability through our HackerOne bug bounty program
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-3920",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-24T18:28:54.700432Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-24T18:29:02.167Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:08:50.695Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GitLab Issue #417481",
"tags": [
"issue-tracking",
"x_transferred"
],
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/417481"
},
{
"name": "HackerOne Bug Bounty Report #2058121",
"tags": [
"technical-description",
"exploit",
"x_transferred"
],
"url": "https://hackerone.com/reports/2058121"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "GitLab",
"repo": "git://git@gitlab.com:gitlab-org/gitlab.git",
"vendor": "GitLab",
"versions": [
{
"lessThan": "16.2.8",
"status": "affected",
"version": "11.2",
"versionType": "semver"
},
{
"lessThan": "16.3.5",
"status": "affected",
"version": "16.3",
"versionType": "semver"
},
{
"lessThan": "16.4.1",
"status": "affected",
"version": "16.4",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Thanks [theluci](https://hackerone.com/theluci) for reporting this vulnerability through our HackerOne bug bounty program"
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue has been discovered in GitLab affecting all versions starting from 11.2 before 16.2.8, all versions starting from 16.3 before 16.3.5, all versions starting from 16.4 before 16.4.1. It was possible that a maintainer to create a fork relationship between existing projects contrary to the documentation."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863: Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-20T04:08:48.263Z",
"orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
"shortName": "GitLab"
},
"references": [
{
"name": "GitLab Issue #417481",
"tags": [
"issue-tracking"
],
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/417481"
},
{
"name": "HackerOne Bug Bounty Report #2058121",
"tags": [
"technical-description",
"exploit",
"permissions-required"
],
"url": "https://hackerone.com/reports/2058121"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to version 16.4.1, 16.3.5, 16.2.8"
}
],
"title": "Incorrect Authorization in GitLab"
}
},
"cveMetadata": {
"assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
"assignerShortName": "GitLab",
"cveId": "CVE-2023-3920",
"datePublished": "2023-09-29T06:02:31.303Z",
"dateReserved": "2023-07-25T10:30:33.135Z",
"dateUpdated": "2025-11-20T04:08:48.263Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…