Action not permitted
Modal body text goes here.
Modal Title
Modal Body
wid-sec-w-2023-2520
Vulnerability from csaf_certbund
Published
2023-09-28 22:00
Modified
2023-09-28 22:00
Summary
GitLab: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
GitLab ist eine Webanwendung zur Versionsverwaltung für Softwareprojekte auf Basis von git.
Angriff
Ein entfernter, authentisierter Angreifer kann mehrere Schwachstellen in GitLab ausnutzen, um beliebigen Programmcode mit Rechten des Benutzers auszuführen, Sicherheitsvorkehrungen zu umgehen, Informationen offenzulegen oder Dateien zu manipulieren.
Betroffene Betriebssysteme
- UNIX
- Linux
- Windows
{ "document": { "aggregate_severity": { "text": "hoch" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "GitLab ist eine Webanwendung zur Versionsverwaltung f\u00fcr Softwareprojekte auf Basis von git.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein entfernter, authentisierter Angreifer kann mehrere Schwachstellen in GitLab ausnutzen, um beliebigen Programmcode mit Rechten des Benutzers auszuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, Informationen offenzulegen oder Dateien zu manipulieren.", "title": "Angriff" }, { "category": "general", "text": "- UNIX\n- Linux\n- Windows", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2023-2520 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2520.json" }, { "category": "self", "summary": "WID-SEC-2023-2520 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2520" }, { "category": "external", "summary": "GitLab Security Advisory vom 2023-09-28", "url": "https://about.gitlab.com/releases/2023/09/28/security-release-gitlab-16-4-1-released/" } ], "source_lang": "en-US", "title": "GitLab: Mehrere Schwachstellen", "tracking": { "current_release_date": "2023-09-28T22:00:00.000+00:00", "generator": { "date": "2024-02-15T17:46:13.450+00:00", "engine": { "name": "BSI-WID", "version": "1.3.0" } }, "id": "WID-SEC-W-2023-2520", "initial_release_date": "2023-09-28T22:00:00.000+00:00", "revision_history": [ { "date": "2023-09-28T22:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Open Source GitLab \u003c 16.4.1 Community Edition", "product": { "name": "Open Source GitLab \u003c 16.4.1 Community Edition", "product_id": "T030166", "product_identification_helper": { "cpe": "cpe:/a:gitlab:gitlab:16.4.1_community_edition" } } }, { "category": "product_name", "name": "Open Source GitLab \u003c 16.3.5 Community Edition", "product": { "name": "Open Source GitLab \u003c 16.3.5 Community Edition", "product_id": "T030167", "product_identification_helper": { "cpe": "cpe:/a:gitlab:gitlab:16.3.5_community_edition" } } }, { "category": "product_name", "name": "Open Source GitLab \u003c 16.2.8 Community Edition", "product": { "name": "Open Source GitLab \u003c 16.2.8 Community Edition", "product_id": "T030168", "product_identification_helper": { "cpe": "cpe:/a:gitlab:gitlab:16.2.8_community_edition" } } }, { "category": "product_name", "name": "Open Source GitLab \u003c 16.2.8 Enterprise Edition", "product": { "name": "Open Source GitLab \u003c 16.2.8 Enterprise Edition", "product_id": "T030169", "product_identification_helper": { "cpe": "cpe:/a:gitlab:gitlab:16.2.8_enterprise_edition" } } }, { "category": "product_name", "name": "Open Source GitLab \u003c 16.3.5 Enterprise Edition", "product": { "name": "Open Source GitLab \u003c 16.3.5 Enterprise Edition", "product_id": "T030170", "product_identification_helper": { "cpe": "cpe:/a:gitlab:gitlab:16.3.5_enterprise_edition" } } }, { "category": "product_name", "name": "Open Source GitLab \u003c 16.4.1 Enterprise Edition", "product": { "name": "Open Source GitLab \u003c 16.4.1 Enterprise Edition", "product_id": "T030171", "product_identification_helper": { "cpe": "cpe:/a:gitlab:gitlab:16.4.1_enterprise_edition" } } } ], "category": "product_name", "name": "GitLab" } ], "category": "vendor", "name": "Open Source" } ] }, "vulnerabilities": [ { "cve": "CVE-2023-5207", "notes": [ { "category": "description", "text": "In GitLab existieren mehrere Schwachstellen. Ein entfernter, authentisierter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode mit Rechten des Benutzers auszuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, Informationen offenzulegen oder Dateien zu manipulieren. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich." } ], "release_date": "2023-09-28T22:00:00Z", "title": "CVE-2023-5207" }, { "cve": "CVE-2023-5198", "notes": [ { "category": "description", "text": "In GitLab existieren mehrere Schwachstellen. Ein entfernter, authentisierter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode mit Rechten des Benutzers auszuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, Informationen offenzulegen oder Dateien zu manipulieren. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich." } ], "release_date": "2023-09-28T22:00:00Z", "title": "CVE-2023-5198" }, { "cve": "CVE-2023-5106", "notes": [ { "category": "description", "text": "In GitLab existieren mehrere Schwachstellen. Ein entfernter, authentisierter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode mit Rechten des Benutzers auszuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, Informationen offenzulegen oder Dateien zu manipulieren. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich." } ], "release_date": "2023-09-28T22:00:00Z", "title": "CVE-2023-5106" }, { "cve": "CVE-2023-4658", "notes": [ { "category": "description", "text": "In GitLab existieren mehrere Schwachstellen. Ein entfernter, authentisierter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode mit Rechten des Benutzers auszuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, Informationen offenzulegen oder Dateien zu manipulieren. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich." } ], "release_date": "2023-09-28T22:00:00Z", "title": "CVE-2023-4658" }, { "cve": "CVE-2023-4532", "notes": [ { "category": "description", "text": "In GitLab existieren mehrere Schwachstellen. Ein entfernter, authentisierter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode mit Rechten des Benutzers auszuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, Informationen offenzulegen oder Dateien zu manipulieren. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich." } ], "release_date": "2023-09-28T22:00:00Z", "title": "CVE-2023-4532" }, { "cve": "CVE-2023-4379", "notes": [ { "category": "description", "text": "In GitLab existieren mehrere Schwachstellen. Ein entfernter, authentisierter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode mit Rechten des Benutzers auszuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, Informationen offenzulegen oder Dateien zu manipulieren. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich." } ], "release_date": "2023-09-28T22:00:00Z", "title": "CVE-2023-4379" }, { "cve": "CVE-2023-3979", "notes": [ { "category": "description", "text": "In GitLab existieren mehrere Schwachstellen. Ein entfernter, authentisierter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode mit Rechten des Benutzers auszuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, Informationen offenzulegen oder Dateien zu manipulieren. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich." } ], "release_date": "2023-09-28T22:00:00Z", "title": "CVE-2023-3979" }, { "cve": "CVE-2023-3922", "notes": [ { "category": "description", "text": "In GitLab existieren mehrere Schwachstellen. Ein entfernter, authentisierter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode mit Rechten des Benutzers auszuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, Informationen offenzulegen oder Dateien zu manipulieren. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich." } ], "release_date": "2023-09-28T22:00:00Z", "title": "CVE-2023-3922" }, { "cve": "CVE-2023-3920", "notes": [ { "category": "description", "text": "In GitLab existieren mehrere Schwachstellen. Ein entfernter, authentisierter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode mit Rechten des Benutzers auszuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, Informationen offenzulegen oder Dateien zu manipulieren. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich." } ], "release_date": "2023-09-28T22:00:00Z", "title": "CVE-2023-3920" }, { "cve": "CVE-2023-3917", "notes": [ { "category": "description", "text": "In GitLab existieren mehrere Schwachstellen. Ein entfernter, authentisierter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode mit Rechten des Benutzers auszuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, Informationen offenzulegen oder Dateien zu manipulieren. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich." } ], "release_date": "2023-09-28T22:00:00Z", "title": "CVE-2023-3917" }, { "cve": "CVE-2023-3914", "notes": [ { "category": "description", "text": "In GitLab existieren mehrere Schwachstellen. Ein entfernter, authentisierter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode mit Rechten des Benutzers auszuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, Informationen offenzulegen oder Dateien zu manipulieren. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich." } ], "release_date": "2023-09-28T22:00:00Z", "title": "CVE-2023-3914" }, { "cve": "CVE-2023-3906", "notes": [ { "category": "description", "text": "In GitLab existieren mehrere Schwachstellen. Ein entfernter, authentisierter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode mit Rechten des Benutzers auszuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, Informationen offenzulegen oder Dateien zu manipulieren. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich." } ], "release_date": "2023-09-28T22:00:00Z", "title": "CVE-2023-3906" }, { "cve": "CVE-2023-3413", "notes": [ { "category": "description", "text": "In GitLab existieren mehrere Schwachstellen. Ein entfernter, authentisierter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode mit Rechten des Benutzers auszuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, Informationen offenzulegen oder Dateien zu manipulieren. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich." } ], "release_date": "2023-09-28T22:00:00Z", "title": "CVE-2023-3413" }, { "cve": "CVE-2023-3115", "notes": [ { "category": "description", "text": "In GitLab existieren mehrere Schwachstellen. Ein entfernter, authentisierter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode mit Rechten des Benutzers auszuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, Informationen offenzulegen oder Dateien zu manipulieren. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich." } ], "release_date": "2023-09-28T22:00:00Z", "title": "CVE-2023-3115" }, { "cve": "CVE-2023-2233", "notes": [ { "category": "description", "text": "In GitLab existieren mehrere Schwachstellen. Ein entfernter, authentisierter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode mit Rechten des Benutzers auszuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, Informationen offenzulegen oder Dateien zu manipulieren. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich." } ], "release_date": "2023-09-28T22:00:00Z", "title": "CVE-2023-2233" }, { "cve": "CVE-2023-0989", "notes": [ { "category": "description", "text": "In GitLab existieren mehrere Schwachstellen. Ein entfernter, authentisierter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode mit Rechten des Benutzers auszuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, Informationen offenzulegen oder Dateien zu manipulieren. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich." } ], "release_date": "2023-09-28T22:00:00Z", "title": "CVE-2023-0989" } ] }
cve-2023-4658
Vulnerability from cvelistv5
Published
2023-12-01 07:01
Modified
2024-10-03 06:23
Severity ?
EPSS score ?
Summary
An issue has been discovered in GitLab EE affecting all versions starting from 8.13 before 16.4.3, all versions starting from 16.5 before 16.5.3, all versions starting from 16.6 before 16.6.1. It was possible for an attacker to abuse the `Allowed to merge` permission as a guest user, when granted the permission through a group.
References
▼ | URL | Tags |
---|---|---|
https://gitlab.com/gitlab-org/gitlab/-/issues/423835 | issue-tracking | |
https://hackerone.com/reports/2104540 | technical-description, exploit, permissions-required |
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T07:31:06.624Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GitLab Issue #423835", "tags": [ "issue-tracking", "x_transferred" ], "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/423835" }, { "name": "HackerOne Bug Bounty Report #2104540", "tags": [ "technical-description", "exploit", "x_transferred" ], "url": "https://hackerone.com/reports/2104540" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*" ], "defaultStatus": "unaffected", "product": "GitLab", "repo": "git://git@gitlab.com:gitlab-org/gitlab.git", "vendor": "GitLab", "versions": [ { "lessThan": "16.4.3", "status": "affected", "version": "8.13", "versionType": "semver" }, { "lessThan": "16.5.3", "status": "affected", "version": "16.5", "versionType": "semver" }, { "lessThan": "16.6.1", "status": "affected", "version": "16.6", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "Thanks [theluci](https://hackerone.com/theluci) for reporting this vulnerability through our HackerOne bug bounty program" } ], "descriptions": [ { "lang": "en", "value": "An issue has been discovered in GitLab EE affecting all versions starting from 8.13 before 16.4.3, all versions starting from 16.5 before 16.5.3, all versions starting from 16.6 before 16.6.1. It was possible for an attacker to abuse the `Allowed to merge` permission as a guest user, when granted the permission through a group." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.1, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-863", "description": "CWE-863: Incorrect Authorization", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-03T06:23:15.087Z", "orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "shortName": "GitLab" }, "references": [ { "name": "GitLab Issue #423835", "tags": [ "issue-tracking" ], "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/423835" }, { "name": "HackerOne Bug Bounty Report #2104540", "tags": [ "technical-description", "exploit", "permissions-required" ], "url": "https://hackerone.com/reports/2104540" } ], "solutions": [ { "lang": "en", "value": "Upgrade to versions 16.4.3, 16.5.3, 16.6.1 or above." } ], "title": "Incorrect Authorization in GitLab" } }, "cveMetadata": { "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "assignerShortName": "GitLab", "cveId": "CVE-2023-4658", "datePublished": "2023-12-01T07:01:58.125Z", "dateReserved": "2023-08-31T05:30:28.470Z", "dateUpdated": "2024-10-03T06:23:15.087Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-5106
Vulnerability from cvelistv5
Published
2023-10-02 11:49
Modified
2024-10-05 04:04
Severity ?
EPSS score ?
Summary
An issue has been discovered in Ultimate-licensed GitLab EE affecting all versions starting 13.12 prior to 16.2.8, 16.3.0 prior to 16.3.5, and 16.4.0 prior to 16.4.1 that could allow an attacker to impersonate users in CI pipelines through direct transfer group imports.
References
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T07:44:53.795Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://gitlab.com/gitlab-org/gitlab/-/commit/67039cfcae80b8fc0496f79be88714873cd169b3" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-5106", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-08-30T15:13:29.457533Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-08-30T15:13:45.888Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*" ], "defaultStatus": "unaffected", "product": "GitLab", "repo": "git://git@gitlab.com:gitlab-org/gitlab.git", "vendor": "GitLab", "versions": [ { "lessThan": "16.2.8", "status": "affected", "version": "13.12", "versionType": "semver" }, { "lessThan": "16.3.5", "status": "affected", "version": "16.3.0", "versionType": "semver" }, { "lessThan": "16.4.1", "status": "affected", "version": "16.4.0", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "This vulnerability has been discovered internally by GitLab team member Joern Schneeweisz" } ], "descriptions": [ { "lang": "en", "value": "An issue has been discovered in Ultimate-licensed GitLab EE affecting all versions starting 13.12 prior to 16.2.8, 16.3.0 prior to 16.3.5, and 16.4.0 prior to 16.4.1 that could allow an attacker to impersonate users in CI pipelines through direct transfer group imports." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-863", "description": "CWE-863: Incorrect Authorization", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-05T04:04:21.739Z", "orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "shortName": "GitLab" }, "references": [ { "name": "GitLab Commit", "url": "https://gitlab.com/gitlab-org/gitlab/-/commit/67039cfcae80b8fc0496f79be88714873cd169b3" }, { "name": "GitLab Issue #980", "tags": [ "permissions-required" ], "url": "https://gitlab.com/gitlab-org/security/gitlab/-/issues/980" } ], "solutions": [ { "lang": "en", "value": "Upgrade to version 16.2.8, 16.3.5, 16.4.1. If it is not viable to immediately upgrade to a patched version, risk of exploitation can be mitigated by ensuring the [Migrate groups by direct transfer](https://docs.gitlab.com/ee/user/group/import/index.html#migrate-groups-by-direct-transfer-recommended) feature is disabled until GitLab has been upgraded." } ], "title": "Incorrect Authorization in GitLab" } }, "cveMetadata": { "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "assignerShortName": "GitLab", "cveId": "CVE-2023-5106", "datePublished": "2023-10-02T11:49:56.333Z", "dateReserved": "2023-09-21T10:30:28.355Z", "dateUpdated": "2024-10-05T04:04:21.739Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-4532
Vulnerability from cvelistv5
Published
2023-09-29 06:02
Modified
2024-10-03 06:23
Severity ?
EPSS score ?
Summary
An issue has been discovered in GitLab affecting all versions starting from 16.2 before 16.2.8, all versions starting from 16.3 before 16.3.5, all versions starting from 16.4 before 16.4.1. Users were capable of linking CI/CD jobs of private projects which they are not a member of.
References
▼ | URL | Tags |
---|---|---|
https://gitlab.com/gitlab-org/gitlab/-/issues/423357 | issue-tracking | |
https://hackerone.com/reports/2084199 | technical-description, exploit, permissions-required |
Impacted products
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:gitlab:gitlab:16.2:*:*:*:*:*:*:*" ], "defaultStatus": "unaffected", "product": "gitlab", "vendor": "gitlab", "versions": [ { "lessThan": "16.2.8", "status": "affected", "version": "16.2", "versionType": "semver" } ] }, { "cpes": [ "cpe:2.3:a:gitlab:gitlab:16.4:*:*:*:*:*:*:*" ], "defaultStatus": "unaffected", "product": "gitlab", "vendor": "gitlab", "versions": [ { "lessThan": "16.4.1", "status": "affected", "version": "16.4", "versionType": "semver" } ] }, { "cpes": [ "cpe:2.3:a:gitlab:gitlab:16.3:*:*:*:*:*:*:*" ], "defaultStatus": "unaffected", "product": "gitlab", "vendor": "gitlab", "versions": [ { "lessThan": "16.3.5", "status": "affected", "version": "16.3", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2023-4532", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-07-24T14:37:07.802802Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-17T16:03:34.673Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T07:31:06.033Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GitLab Issue #423357", "tags": [ "issue-tracking", "x_transferred" ], "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/423357" }, { "name": "HackerOne Bug Bounty Report #2084199", "tags": [ "technical-description", "exploit", "x_transferred" ], "url": "https://hackerone.com/reports/2084199" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*" ], "defaultStatus": "unaffected", "product": "GitLab", "repo": "git://git@gitlab.com:gitlab-org/gitlab.git", "vendor": "GitLab", "versions": [ { "lessThan": "16.2.8", "status": "affected", "version": "16.2", "versionType": "semver" }, { "lessThan": "16.3.5", "status": "affected", "version": "16.3", "versionType": "semver" }, { "lessThan": "16.4.1", "status": "affected", "version": "16.4", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "Thanks [ricardobrito](https://hackerone.com/ricardobrito) for reporting this vulnerability through our HackerOne bug bounty program" } ], "descriptions": [ { "lang": "en", "value": "An issue has been discovered in GitLab affecting all versions starting from 16.2 before 16.2.8, all versions starting from 16.3 before 16.3.5, all versions starting from 16.4 before 16.4.1. Users were capable of linking CI/CD jobs of private projects which they are not a member of." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-863", "description": "CWE-863: Incorrect Authorization", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-03T06:23:14.747Z", "orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "shortName": "GitLab" }, "references": [ { "name": "GitLab Issue #423357", "tags": [ "issue-tracking" ], "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/423357" }, { "name": "HackerOne Bug Bounty Report #2084199", "tags": [ "technical-description", "exploit", "permissions-required" ], "url": "https://hackerone.com/reports/2084199" } ], "solutions": [ { "lang": "en", "value": "Upgrade to versions 16.4.1, 16.3.5, 16.2.8 or above." } ], "title": "Incorrect Authorization in GitLab" } }, "cveMetadata": { "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "assignerShortName": "GitLab", "cveId": "CVE-2023-4532", "datePublished": "2023-09-29T06:02:01.299Z", "dateReserved": "2023-08-25T07:01:10.482Z", "dateUpdated": "2024-10-03T06:23:14.747Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-4379
Vulnerability from cvelistv5
Published
2023-11-09 21:01
Modified
2024-10-03 06:23
Severity ?
EPSS score ?
Summary
An issue has been discovered in GitLab EE affecting all versions starting from 15.3 prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1. Code owner approval was not removed from merge requests when the target branch was updated.
References
▼ | URL | Tags |
---|---|---|
https://gitlab.com/gitlab-org/gitlab/-/issues/415496 | issue-tracking |
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T07:24:04.500Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GitLab Issue #415496", "tags": [ "issue-tracking", "x_transferred" ], "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/415496" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-4379", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-08-30T15:30:35.330645Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-08-30T15:39:21.250Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*" ], "defaultStatus": "unaffected", "product": "GitLab", "repo": "git://git@gitlab.com:gitlab-org/gitlab.git", "vendor": "GitLab", "versions": [ { "lessThan": "16.2.8", "status": "affected", "version": "15.3", "versionType": "semver" }, { "lessThan": "16.3.5", "status": "affected", "version": "16.3", "versionType": "semver" }, { "lessThan": "16.4.1", "status": "affected", "version": "16.4", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "This issue was reported by a customer." } ], "descriptions": [ { "lang": "en", "value": "An issue has been discovered in GitLab EE affecting all versions starting from 15.3 prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1. Code owner approval was not removed from merge requests when the target branch was updated." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-863", "description": "CWE-863: Incorrect Authorization", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-03T06:23:14.529Z", "orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "shortName": "GitLab" }, "references": [ { "name": "GitLab Issue #415496", "tags": [ "issue-tracking" ], "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/415496" } ], "solutions": [ { "lang": "en", "value": "Upgrade to version 16.2.8, 16.3.5, 16.4.1 or above" } ], "title": "Incorrect Authorization in GitLab" } }, "cveMetadata": { "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "assignerShortName": "GitLab", "cveId": "CVE-2023-4379", "datePublished": "2023-11-09T21:01:10.733Z", "dateReserved": "2023-08-16T03:30:27.793Z", "dateUpdated": "2024-10-03T06:23:14.529Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-3979
Vulnerability from cvelistv5
Published
2023-09-29 06:02
Modified
2024-10-03 06:23
Severity ?
EPSS score ?
Summary
An issue has been discovered in GitLab affecting all versions starting from 10.6 before 16.2.8, all versions starting from 16.3 before 16.3.5, all versions starting from 16.4 before 16.4.1. It was possible that upstream members to collaborate with you on your branch get permission to write to the merge request’s source branch.
References
▼ | URL | Tags |
---|---|---|
https://gitlab.com/gitlab-org/gitlab/-/issues/419972 | issue-tracking | |
https://hackerone.com/reports/2082560 | technical-description, exploit, permissions-required |
Impacted products
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-3979", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-07-25T14:04:09.768079Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-25T14:04:19.222Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T07:08:50.787Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GitLab Issue #419972", "tags": [ "issue-tracking", "x_transferred" ], "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/419972" }, { "name": "HackerOne Bug Bounty Report #2082560", "tags": [ "technical-description", "exploit", "x_transferred" ], "url": "https://hackerone.com/reports/2082560" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*" ], "defaultStatus": "unaffected", "product": "GitLab", "repo": "git://git@gitlab.com:gitlab-org/gitlab.git", "vendor": "GitLab", "versions": [ { "lessThan": "16.2.8", "status": "affected", "version": "10.6", "versionType": "semver" }, { "lessThan": "16.3.5", "status": "affected", "version": "16.3", "versionType": "semver" }, { "lessThan": "16.4.1", "status": "affected", "version": "16.4", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "Thanks [theluci](https://hackerone.com/theluci) for reporting this vulnerability through our HackerOne bug bounty program" } ], "descriptions": [ { "lang": "en", "value": "An issue has been discovered in GitLab affecting all versions starting from 10.6 before 16.2.8, all versions starting from 16.3 before 16.3.5, all versions starting from 16.4 before 16.4.1. It was possible that upstream members to collaborate with you on your branch get permission to write to the merge request\u2019s source branch." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.1, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-863", "description": "CWE-863: Incorrect Authorization", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-03T06:23:13.555Z", "orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "shortName": "GitLab" }, "references": [ { "name": "GitLab Issue #419972", "tags": [ "issue-tracking" ], "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/419972" }, { "name": "HackerOne Bug Bounty Report #2082560", "tags": [ "technical-description", "exploit", "permissions-required" ], "url": "https://hackerone.com/reports/2082560" } ], "solutions": [ { "lang": "en", "value": "Upgrade to version 16.4.1, 16.3.5, 16.2.8" } ], "title": "Incorrect Authorization in GitLab" } }, "cveMetadata": { "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "assignerShortName": "GitLab", "cveId": "CVE-2023-3979", "datePublished": "2023-09-29T06:02:06.310Z", "dateReserved": "2023-07-27T18:01:01.568Z", "dateUpdated": "2024-10-03T06:23:13.555Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-3914
Vulnerability from cvelistv5
Published
2023-09-29 06:02
Modified
2024-10-03 06:23
Severity ?
EPSS score ?
Summary
A business logic error in GitLab EE affecting all versions prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1 allows access to internal projects. A service account is not deleted when a namespace is deleted, allowing access to internal projects.
References
▼ | URL | Tags |
---|---|---|
https://gitlab.com/gitlab-org/gitlab/-/issues/418115 | issue-tracking | |
https://hackerone.com/reports/2040822 | technical-description, exploit, permissions-required |
Impacted products
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*" ], "defaultStatus": "unaffected", "product": "gitlab", "vendor": "gitlab", "versions": [ { "lessThan": "16.2.8", "status": "affected", "version": "0", "versionType": "semver" } ] }, { "cpes": [ "cpe:2.3:a:gitlab:gitlab:16.3.0:*:*:*:enterprise:*:*:*" ], "defaultStatus": "unaffected", "product": "gitlab", "vendor": "gitlab", "versions": [ { "lessThan": "16.3.5", "status": "affected", "version": "16.3.0", "versionType": "semver" } ] }, { "cpes": [ "cpe:2.3:a:gitlab:gitlab:16.4.0:*:*:*:enterprise:*:*:*" ], "defaultStatus": "unaffected", "product": "gitlab", "vendor": "gitlab", "versions": [ { "lessThan": "16.4.1", "status": "affected", "version": "16.4.0", "versionType": "semver" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2023-3914", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-07-24T13:49:27.658392Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-17T16:02:38.191Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T07:08:50.677Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GitLab Issue #418115", "tags": [ "issue-tracking", "x_transferred" ], "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/418115" }, { "name": "HackerOne Bug Bounty Report #2040822", "tags": [ "technical-description", "exploit", "x_transferred" ], "url": "https://hackerone.com/reports/2040822" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*" ], "defaultStatus": "unaffected", "product": "GitLab", "repo": "git://git@gitlab.com:gitlab-org/gitlab.git", "vendor": "GitLab", "versions": [ { "lessThan": "16.2.8", "status": "affected", "version": "0", "versionType": "semver" }, { "lessThan": "16.3.5", "status": "affected", "version": "16.3", "versionType": "semver" }, { "lessThan": "16.4.1", "status": "affected", "version": "16.4", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "Thanks [joaxcar](https://hackerone.com/joaxcar) for reporting this vulnerability through our HackerOne bug bounty program" } ], "descriptions": [ { "lang": "en", "value": "A business logic error in GitLab EE affecting all versions prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1 allows access to internal projects. A service account is not deleted when a namespace is deleted, allowing access to internal projects." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-286", "description": "CWE-286: Incorrect User Management", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-03T06:23:12.878Z", "orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "shortName": "GitLab" }, "references": [ { "name": "GitLab Issue #418115", "tags": [ "issue-tracking" ], "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/418115" }, { "name": "HackerOne Bug Bounty Report #2040822", "tags": [ "technical-description", "exploit", "permissions-required" ], "url": "https://hackerone.com/reports/2040822" } ], "solutions": [ { "lang": "en", "value": "Upgrade to version 16.4.1, 16.3.5 or 16.2.8" } ], "title": "Incorrect User Management in GitLab" } }, "cveMetadata": { "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "assignerShortName": "GitLab", "cveId": "CVE-2023-3914", "datePublished": "2023-09-29T06:02:21.304Z", "dateReserved": "2023-07-25T10:30:31.597Z", "dateUpdated": "2024-10-03T06:23:12.878Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-3115
Vulnerability from cvelistv5
Published
2023-09-29 06:02
Modified
2024-10-03 06:23
Severity ?
EPSS score ?
Summary
An issue has been discovered in GitLab EE affecting all versions affecting all versions from 11.11 prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1. Single Sign On restrictions were not correctly enforced for indirect project members accessing public members-only project repositories.
References
▼ | URL | Tags |
---|---|---|
https://gitlab.com/gitlab-org/gitlab/-/issues/414367 | issue-tracking | |
https://hackerone.com/reports/2004158 | technical-description, exploit, permissions-required |
Impacted products
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-3115", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-07-24T14:12:41.068956Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-17T15:31:44.506Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T06:48:07.189Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GitLab Issue #414367", "tags": [ "issue-tracking", "x_transferred" ], "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/414367" }, { "name": "HackerOne Bug Bounty Report #2004158", "tags": [ "technical-description", "exploit", "x_transferred" ], "url": "https://hackerone.com/reports/2004158" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*" ], "defaultStatus": "unaffected", "product": "GitLab", "repo": "git://git@gitlab.com:gitlab-org/gitlab.git", "vendor": "GitLab", "versions": [ { "lessThan": "16.2.8", "status": "affected", "version": "11.11", "versionType": "semver" }, { "lessThan": "16.3.5", "status": "affected", "version": "16.3", "versionType": "semver" }, { "lessThan": "16.4.1", "status": "affected", "version": "16.4", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "Thanks [theluci](https://hackerone.com/theluci) for reporting this vulnerability through our HackerOne bug bounty program" } ], "descriptions": [ { "lang": "en", "value": "An issue has been discovered in GitLab EE affecting all versions affecting all versions from 11.11 prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1. Single Sign On restrictions were not correctly enforced for indirect project members accessing public members-only project repositories." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-286", "description": "CWE-286: Incorrect User Management", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-03T06:23:11.005Z", "orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "shortName": "GitLab" }, "references": [ { "name": "GitLab Issue #414367", "tags": [ "issue-tracking" ], "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/414367" }, { "name": "HackerOne Bug Bounty Report #2004158", "tags": [ "technical-description", "exploit", "permissions-required" ], "url": "https://hackerone.com/reports/2004158" } ], "solutions": [ { "lang": "en", "value": "Upgrade to versions 16.2.8, 16.3.5, 16.4.1 or above." } ], "title": "Incorrect User Management in GitLab" } }, "cveMetadata": { "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "assignerShortName": "GitLab", "cveId": "CVE-2023-3115", "datePublished": "2023-09-29T06:02:51.300Z", "dateReserved": "2023-06-06T03:19:59.543Z", "dateUpdated": "2024-10-03T06:23:11.005Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-3917
Vulnerability from cvelistv5
Published
2023-09-29 06:02
Modified
2024-10-03 06:23
Severity ?
EPSS score ?
Summary
Denial of Service in pipelines affecting all versions of Gitlab EE and CE prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1 allows attacker to cause pipelines to fail.
References
▼ | URL | Tags |
---|---|---|
https://gitlab.com/gitlab-org/gitlab/-/issues/417896 | issue-tracking | |
https://hackerone.com/reports/2055158 | technical-description, exploit, permissions-required |
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T07:08:50.793Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GitLab Issue #417896", "tags": [ "issue-tracking", "x_transferred" ], "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/417896" }, { "name": "HackerOne Bug Bounty Report #2055158", "tags": [ "technical-description", "exploit", "x_transferred" ], "url": "https://hackerone.com/reports/2055158" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-3917", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-08-30T15:40:36.735432Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-08-30T15:40:49.497Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*" ], "defaultStatus": "unaffected", "product": "GitLab", "repo": "git://git@gitlab.com:gitlab-org/gitlab.git", "vendor": "GitLab", "versions": [ { "lessThan": "16.2.8", "status": "affected", "version": "0", "versionType": "semver" }, { "lessThan": "16.3.5", "status": "affected", "version": "16.3", "versionType": "semver" }, { "lessThan": "16.4.1", "status": "affected", "version": "16.4", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "Thanks [js_noob](https://hackerone.com/js_noob) for reporting this vulnerability through our HackerOne bug bounty program" } ], "descriptions": [ { "lang": "en", "value": "Denial of Service in pipelines affecting all versions of Gitlab EE and CE prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1 allows attacker to cause pipelines to fail." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-1287", "description": "CWE-1287: Improper Validation of Specified Type of Input", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-03T06:23:12.977Z", "orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "shortName": "GitLab" }, "references": [ { "name": "GitLab Issue #417896", "tags": [ "issue-tracking" ], "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/417896" }, { "name": "HackerOne Bug Bounty Report #2055158", "tags": [ "technical-description", "exploit", "permissions-required" ], "url": "https://hackerone.com/reports/2055158" } ], "solutions": [ { "lang": "en", "value": "Upgrade to version 16.4.1, 16.3.5 or 16.2.8" } ], "title": "Improper Validation of Specified Type of Input in GitLab" } }, "cveMetadata": { "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "assignerShortName": "GitLab", "cveId": "CVE-2023-3917", "datePublished": "2023-09-29T06:02:26.304Z", "dateReserved": "2023-07-25T10:30:32.198Z", "dateUpdated": "2024-10-03T06:23:12.977Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-3906
Vulnerability from cvelistv5
Published
2023-09-29 06:02
Modified
2024-10-03 06:23
Severity ?
EPSS score ?
Summary
An input validation issue in the asset proxy in GitLab EE, affecting all versions from 12.3 prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1, allowed an authenticated attacker to craft image urls which bypass the asset proxy.
References
▼ | URL | Tags |
---|---|---|
https://gitlab.com/gitlab-org/gitlab/-/issues/419213 | issue-tracking | |
https://hackerone.com/reports/2071411 | technical-description, exploit, permissions-required |
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T07:08:50.669Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GitLab Issue #419213", "tags": [ "issue-tracking", "x_transferred" ], "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/419213" }, { "name": "HackerOne Bug Bounty Report #2071411", "tags": [ "technical-description", "exploit", "x_transferred" ], "url": "https://hackerone.com/reports/2071411" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-3906", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-08-30T14:28:00.520335Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-08-30T14:28:17.807Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*" ], "defaultStatus": "unaffected", "product": "GitLab", "repo": "git://git@gitlab.com:gitlab-org/gitlab.git", "vendor": "GitLab", "versions": [ { "lessThan": "16.2.8", "status": "affected", "version": "12.3", "versionType": "semver" }, { "lessThan": "16.3.5", "status": "affected", "version": "16.3", "versionType": "semver" }, { "lessThan": "16.4.1", "status": "affected", "version": "16.4", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "Thanks [afewgoats](https://hackerone.com/afewgoats) for reporting this vulnerability through our HackerOne bug bounty program" } ], "descriptions": [ { "lang": "en", "value": "An input validation issue in the asset proxy in GitLab EE, affecting all versions from 12.3 prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1, allowed an authenticated attacker to craft image urls which bypass the asset proxy." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.5, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-1287", "description": "CWE-1287: Improper Validation of Specified Type of Input", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-03T06:23:12.606Z", "orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "shortName": "GitLab" }, "references": [ { "name": "GitLab Issue #419213", "tags": [ "issue-tracking" ], "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/419213" }, { "name": "HackerOne Bug Bounty Report #2071411", "tags": [ "technical-description", "exploit", "permissions-required" ], "url": "https://hackerone.com/reports/2071411" } ], "solutions": [ { "lang": "en", "value": "Upgrade to version 16.2.8, 16.3.5, 16.4.1 or above" } ], "title": "Improper Validation of Specified Type of Input in GitLab" } }, "cveMetadata": { "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "assignerShortName": "GitLab", "cveId": "CVE-2023-3906", "datePublished": "2023-09-29T06:02:16.308Z", "dateReserved": "2023-07-25T10:30:28.538Z", "dateUpdated": "2024-10-03T06:23:12.606Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-3922
Vulnerability from cvelistv5
Published
2023-09-29 07:30
Modified
2024-10-03 06:23
Severity ?
EPSS score ?
Summary
An issue has been discovered in GitLab affecting all versions starting from 8.15 before 16.2.8, all versions starting from 16.3 before 16.3.5, all versions starting from 16.4 before 16.4.1. It was possible to hijack some links and buttons on the GitLab UI to a malicious page.
References
▼ | URL | Tags |
---|---|---|
https://gitlab.com/gitlab-org/gitlab/-/issues/394770 | issue-tracking | |
https://hackerone.com/reports/1887323 | technical-description, exploit, permissions-required |
Impacted products
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-3922", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-07-24T14:07:32.409128Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-17T15:31:21.942Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T07:08:50.765Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GitLab Issue #394770", "tags": [ "issue-tracking", "x_transferred" ], "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/394770" }, { "name": "HackerOne Bug Bounty Report #1887323", "tags": [ "technical-description", "exploit", "x_transferred" ], "url": "https://hackerone.com/reports/1887323" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*" ], "defaultStatus": "unaffected", "product": "GitLab", "repo": "git://git@gitlab.com:gitlab-org/gitlab.git", "vendor": "GitLab", "versions": [ { "lessThan": "16.2.8", "status": "affected", "version": "16.2", "versionType": "semver" }, { "lessThan": "16.3.5", "status": "affected", "version": "16.3", "versionType": "semver" }, { "lessThan": "16.4.1", "status": "affected", "version": "16.4", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "Thanks [ammar2](https://hackerone.com/ammar2) for reporting this vulnerability through our HackerOne bug bounty program" } ], "descriptions": [ { "lang": "en", "value": "An issue has been discovered in GitLab affecting all versions starting from 8.15 before 16.2.8, all versions starting from 16.3 before 16.3.5, all versions starting from 16.4 before 16.4.1. It was possible to hijack some links and buttons on the GitLab UI to a malicious page." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 3, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:N/A:L", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-601", "description": "CWE-601: URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-03T06:23:13.181Z", "orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "shortName": "GitLab" }, "references": [ { "name": "GitLab Issue #394770", "tags": [ "issue-tracking" ], "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/394770" }, { "name": "HackerOne Bug Bounty Report #1887323", "tags": [ "technical-description", "exploit", "permissions-required" ], "url": "https://hackerone.com/reports/1887323" } ], "solutions": [ { "lang": "en", "value": "Upgrade to version 16.4.1, 16.3.5, 16.2.8" } ], "title": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027) in GitLab" } }, "cveMetadata": { "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "assignerShortName": "GitLab", "cveId": "CVE-2023-3922", "datePublished": "2023-09-29T07:30:50.402Z", "dateReserved": "2023-07-25T10:30:45.145Z", "dateUpdated": "2024-10-03T06:23:13.181Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-5207
Vulnerability from cvelistv5
Published
2023-09-30 08:30
Modified
2024-10-03 06:23
Severity ?
EPSS score ?
Summary
A vulnerability was discovered in GitLab CE and EE affecting all versions starting 16.0 prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1. An authenticated attacker could perform arbitrary pipeline execution under the context of another user.
References
▼ | URL | Tags |
---|---|---|
https://gitlab.com/gitlab-org/gitlab/-/issues/425604 | issue-tracking | |
https://gitlab.com/gitlab-org/gitlab/-/issues/425857 | issue-tracking, permissions-required | |
https://hackerone.com/reports/2174141 | technical-description, exploit, permissions-required |
Impacted products
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-5207", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-07-24T18:29:24.441970Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-17T15:48:48.009Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T07:52:07.762Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GitLab Issue #425604", "tags": [ "issue-tracking", "x_transferred" ], "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/425604" }, { "name": "GitLab Issue #425857", "tags": [ "issue-tracking", "permissions-required", "x_transferred" ], "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/425857" }, { "name": "HackerOne Bug Bounty Report #2174141", "tags": [ "technical-description", "exploit", "x_transferred" ], "url": "https://hackerone.com/reports/2174141" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*" ], "defaultStatus": "unaffected", "product": "GitLab", "repo": "git://git@gitlab.com:gitlab-org/gitlab.git", "vendor": "GitLab", "versions": [ { "lessThan": "16.4.1", "status": "affected", "version": "16.4", "versionType": "semver" }, { "lessThan": "16.3.5", "status": "affected", "version": "16.3", "versionType": "semver" }, { "lessThan": "16.2.8", "status": "affected", "version": "16.0.0", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "Thanks [joaxcar](https://hackerone.com/joaxcar) for reporting this vulnerability through our HackerOne bug bounty program" } ], "descriptions": [ { "lang": "en", "value": "A vulnerability was discovered in GitLab CE and EE affecting all versions starting 16.0 prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1. An authenticated attacker could perform arbitrary pipeline execution under the context of another user." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-250", "description": "CWE-250: Execution with Unnecessary Privileges", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-03T06:23:15.965Z", "orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "shortName": "GitLab" }, "references": [ { "name": "GitLab Issue #425604", "tags": [ "issue-tracking" ], "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/425604" }, { "name": "GitLab Issue #425857", "tags": [ "issue-tracking", "permissions-required" ], "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/425857" }, { "name": "HackerOne Bug Bounty Report #2174141", "tags": [ "technical-description", "exploit", "permissions-required" ], "url": "https://hackerone.com/reports/2174141" } ], "solutions": [ { "lang": "en", "value": "Upgrade to versions 16.4.1, 16.3.5, 16.2.8 or above." } ], "title": "Execution with Unnecessary Privileges in GitLab" } }, "cveMetadata": { "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "assignerShortName": "GitLab", "cveId": "CVE-2023-5207", "datePublished": "2023-09-30T08:30:30.788Z", "dateReserved": "2023-09-26T18:01:22.360Z", "dateUpdated": "2024-10-03T06:23:15.965Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-0989
Vulnerability from cvelistv5
Published
2023-09-29 06:30
Modified
2024-10-03 06:23
Severity ?
EPSS score ?
Summary
An information disclosure issue in GitLab CE/EE affecting all versions starting from 13.11 prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1 allows an attacker to extract non-protected CI/CD variables by tricking a user to visit a fork with a malicious CI/CD configuration.
References
▼ | URL | Tags |
---|---|---|
https://gitlab.com/gitlab-org/gitlab/-/issues/417275 | issue-tracking | |
https://hackerone.com/reports/1875515 | technical-description, exploit, permissions-required |
Impacted products
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-0989", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-07-24T13:25:59.406671Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-26T18:06:41.933Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T05:32:46.144Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GitLab Issue #417275", "tags": [ "issue-tracking", "x_transferred" ], "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/417275" }, { "name": "HackerOne Bug Bounty Report #1875515", "tags": [ "technical-description", "exploit", "x_transferred" ], "url": "https://hackerone.com/reports/1875515" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*" ], "defaultStatus": "unaffected", "product": "GitLab", "repo": "git://git@gitlab.com:gitlab-org/gitlab.git", "vendor": "GitLab", "versions": [ { "lessThan": "16.2.8", "status": "affected", "version": "0", "versionType": "semver" }, { "lessThan": "16.3.5", "status": "affected", "version": "16.3", "versionType": "semver" }, { "lessThan": "16.4.1", "status": "affected", "version": "16.4", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "Thanks [shells3c](https://hackerone.com/shells3c) for reporting this vulnerability through our HackerOne bug bounty program" } ], "descriptions": [ { "lang": "en", "value": "An information disclosure issue in GitLab CE/EE affecting all versions starting from 13.11 prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1 allows an attacker to extract non-protected CI/CD variables by tricking a user to visit a fork with a malicious CI/CD configuration." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-282", "description": "CWE-282: Improper Ownership Management", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-03T06:23:09.605Z", "orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "shortName": "GitLab" }, "references": [ { "name": "GitLab Issue #417275", "tags": [ "issue-tracking" ], "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/417275" }, { "name": "HackerOne Bug Bounty Report #1875515", "tags": [ "technical-description", "exploit", "permissions-required" ], "url": "https://hackerone.com/reports/1875515" } ], "solutions": [ { "lang": "en", "value": "Upgrade to versions 16.4.1, 16.3.5, 16.2.8 or above." } ], "title": "Improper Ownership Management in GitLab" } }, "cveMetadata": { "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "assignerShortName": "GitLab", "cveId": "CVE-2023-0989", "datePublished": "2023-09-29T06:30:56.081Z", "dateReserved": "2023-02-23T15:20:44.570Z", "dateUpdated": "2024-10-03T06:23:09.605Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-2233
Vulnerability from cvelistv5
Published
2023-09-29 06:30
Modified
2024-10-03 06:23
Severity ?
EPSS score ?
Summary
An improper authorization issue has been discovered in GitLab CE/EE affecting all versions starting from 11.8 before 16.2.8, all versions starting from 16.3 before 16.3.5 and all versions starting from 16.4 before 16.4.1. It allows a project reporter to leak the owner's Sentry instance projects.
References
▼ | URL | Tags |
---|---|---|
https://gitlab.com/gitlab-org/gitlab/-/issues/408359 | issue-tracking | |
https://hackerone.com/reports/1947211 | technical-description, exploit, permissions-required |
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T06:19:13.579Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GitLab Issue #408359", "tags": [ "issue-tracking", "x_transferred" ], "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/408359" }, { "name": "HackerOne Bug Bounty Report #1947211", "tags": [ "technical-description", "exploit", "x_transferred" ], "url": "https://hackerone.com/reports/1947211" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-2233", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-08-30T14:19:07.736908Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-08-30T14:19:35.595Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*" ], "defaultStatus": "unaffected", "product": "GitLab", "repo": "git://git@gitlab.com:gitlab-org/gitlab.git", "vendor": "GitLab", "versions": [ { "lessThan": "16.2.8", "status": "affected", "version": "11.8", "versionType": "semver" }, { "lessThan": "16.3.5", "status": "affected", "version": "16.3", "versionType": "semver" }, { "lessThan": "16.4.1", "status": "affected", "version": "16.4", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "Thanks [js_noob](https://hackerone.com/js_noob) for reporting this vulnerability through our HackerOne bug bounty program" } ], "descriptions": [ { "lang": "en", "value": "An improper authorization issue has been discovered in GitLab CE/EE affecting all versions starting from 11.8 before 16.2.8, all versions starting from 16.3 before 16.3.5 and all versions starting from 16.4 before 16.4.1. It allows a project reporter to leak the owner\u0027s Sentry instance projects." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.1, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-862", "description": "CWE-862: Missing Authorization", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-03T06:23:10.535Z", "orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "shortName": "GitLab" }, "references": [ { "name": "GitLab Issue #408359", "tags": [ "issue-tracking" ], "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/408359" }, { "name": "HackerOne Bug Bounty Report #1947211", "tags": [ "technical-description", "exploit", "permissions-required" ], "url": "https://hackerone.com/reports/1947211" } ], "solutions": [ { "lang": "en", "value": "Upgrade to versions 16.2.x, 16.3.x, 16.4.x or above." } ], "title": "Missing Authorization in GitLab" } }, "cveMetadata": { "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "assignerShortName": "GitLab", "cveId": "CVE-2023-2233", "datePublished": "2023-09-29T06:30:51.179Z", "dateReserved": "2023-04-21T14:27:20.134Z", "dateUpdated": "2024-10-03T06:23:10.535Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-3413
Vulnerability from cvelistv5
Published
2023-09-29 08:30
Modified
2024-10-03 06:23
Severity ?
EPSS score ?
Summary
An issue has been discovered in GitLab affecting all versions starting from 16.2 before 16.2.8, all versions starting from 16.3 before 16.3.5, all versions starting from 16.4 before 16.4.1. It was possible to read the source code of a project through a fork created before changing visibility to only project members.
References
▼ | URL | Tags |
---|---|---|
https://gitlab.com/gitlab-org/gitlab/-/issues/416284 | issue-tracking | |
https://hackerone.com/reports/2027967 | technical-description, exploit, permissions-required |
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T06:55:03.412Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GitLab Issue #416284", "tags": [ "issue-tracking", "x_transferred" ], "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/416284" }, { "name": "HackerOne Bug Bounty Report #2027967", "tags": [ "technical-description", "exploit", "x_transferred" ], "url": "https://hackerone.com/reports/2027967" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-3413", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-08-30T14:27:04.414291Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-08-30T14:27:19.075Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*" ], "defaultStatus": "unaffected", "product": "GitLab", "repo": "git://git@gitlab.com:gitlab-org/gitlab.git", "vendor": "GitLab", "versions": [ { "lessThan": "16.2.8", "status": "affected", "version": "16.2", "versionType": "semver" }, { "lessThan": "16.3.5", "status": "affected", "version": "16.3", "versionType": "semver" }, { "lessThan": "16.4.1", "status": "affected", "version": "16.4", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "Thanks [shells3c](https://hackerone.com/shells3c) for reporting this vulnerability through our HackerOne bug bounty program" } ], "descriptions": [ { "lang": "en", "value": "An issue has been discovered in GitLab affecting all versions starting from 16.2 before 16.2.8, all versions starting from 16.3 before 16.3.5, all versions starting from 16.4 before 16.4.1. It was possible to read the source code of a project through a fork created before changing visibility to only project members." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-201", "description": "CWE-201: Insertion of Sensitive Information Into Sent Data", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-03T06:23:11.697Z", "orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "shortName": "GitLab" }, "references": [ { "name": "GitLab Issue #416284", "tags": [ "issue-tracking" ], "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/416284" }, { "name": "HackerOne Bug Bounty Report #2027967", "tags": [ "technical-description", "exploit", "permissions-required" ], "url": "https://hackerone.com/reports/2027967" } ], "solutions": [ { "lang": "en", "value": "Upgrade to versions 16.4.1, 16.3.5, 16.2.8 or above." } ], "title": "Insertion of Sensitive Information Into Sent Data in GitLab" } }, "cveMetadata": { "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "assignerShortName": "GitLab", "cveId": "CVE-2023-3413", "datePublished": "2023-09-29T08:30:56.742Z", "dateReserved": "2023-06-26T15:18:03.657Z", "dateUpdated": "2024-10-03T06:23:11.697Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-3920
Vulnerability from cvelistv5
Published
2023-09-29 06:02
Modified
2024-10-03 06:23
Severity ?
EPSS score ?
Summary
An issue has been discovered in GitLab affecting all versions starting from 11.2 before 16.2.8, all versions starting from 16.3 before 16.3.5, all versions starting from 16.4 before 16.4.1. It was possible that a maintainer to create a fork relationship between existing projects contrary to the documentation.
References
▼ | URL | Tags |
---|---|---|
https://gitlab.com/gitlab-org/gitlab/-/issues/417481 | issue-tracking | |
https://hackerone.com/reports/2058121 | technical-description, exploit, permissions-required |
Impacted products
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-3920", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-07-24T18:28:54.700432Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-24T18:29:02.167Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T07:08:50.695Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GitLab Issue #417481", "tags": [ "issue-tracking", "x_transferred" ], "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/417481" }, { "name": "HackerOne Bug Bounty Report #2058121", "tags": [ "technical-description", "exploit", "x_transferred" ], "url": "https://hackerone.com/reports/2058121" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*" ], "defaultStatus": "unaffected", "product": "GitLab", "repo": "git://git@gitlab.com:gitlab-org/gitlab.git", "vendor": "GitLab", "versions": [ { "lessThan": "16.2.8", "status": "affected", "version": "11.2", "versionType": "semver" }, { "lessThan": "16.3.5", "status": "affected", "version": "16.3", "versionType": "semver" }, { "lessThan": "16.4.1", "status": "affected", "version": "16.4", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "Thanks [theluci](https://hackerone.com/theluci) for reporting this vulnerability through our HackerOne bug bounty program" } ], "descriptions": [ { "lang": "en", "value": "An issue has been discovered in GitLab affecting all versions starting from 11.2 before 16.2.8, all versions starting from 16.3 before 16.3.5, all versions starting from 16.4 before 16.4.1. It was possible that a maintainer to create a fork relationship between existing projects contrary to the documentation." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-863", "description": "CWE-863: Incorrect Authorization", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-03T06:23:13.074Z", "orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "shortName": "GitLab" }, "references": [ { "name": "GitLab Issue #417481", "tags": [ "issue-tracking" ], "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/417481" }, { "name": "HackerOne Bug Bounty Report #2058121", "tags": [ "technical-description", "exploit", "permissions-required" ], "url": "https://hackerone.com/reports/2058121" } ], "solutions": [ { "lang": "en", "value": "Upgrade to version 16.4.1, 16.3.5, 16.2.8" } ], "title": "Incorrect Authorization in GitLab" } }, "cveMetadata": { "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "assignerShortName": "GitLab", "cveId": "CVE-2023-3920", "datePublished": "2023-09-29T06:02:31.303Z", "dateReserved": "2023-07-25T10:30:33.135Z", "dateUpdated": "2024-10-03T06:23:13.074Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-5198
Vulnerability from cvelistv5
Published
2023-09-29 07:01
Modified
2024-10-03 06:23
Severity ?
EPSS score ?
Summary
An issue has been discovered in GitLab affecting all versions prior to 16.2.7, all versions starting from 16.3 before 16.3.5, and all versions starting from 16.4 before 16.4.1. It was possible for a removed project member to write to protected branches using deploy keys.
References
▼ | URL | Tags |
---|---|---|
https://gitlab.com/gitlab-org/gitlab/-/issues/416957 | issue-tracking | |
https://hackerone.com/reports/2041789 | technical-description, exploit, permissions-required |
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T07:52:07.928Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GitLab Issue #416957", "tags": [ "issue-tracking", "x_transferred" ], "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/416957" }, { "name": "HackerOne Bug Bounty Report #2041789", "tags": [ "technical-description", "exploit", "x_transferred" ], "url": "https://hackerone.com/reports/2041789" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-5198", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-08-30T15:12:22.702062Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-08-30T15:12:36.058Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*" ], "defaultStatus": "unaffected", "product": "GitLab", "repo": "git://git@gitlab.com:gitlab-org/gitlab.git", "vendor": "GitLab", "versions": [ { "lessThanOrEqual": "16.2.7", "status": "affected", "version": "0", "versionType": "semver" }, { "lessThan": "16.3.5", "status": "affected", "version": "16.3", "versionType": "semver" }, { "lessThan": "16.4.1", "status": "affected", "version": "16.4", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "Thanks [theluci](https://hackerone.com/theluci) for reporting this vulnerability through our HackerOne bug bounty program" } ], "descriptions": [ { "lang": "en", "value": "An issue has been discovered in GitLab affecting all versions prior to 16.2.7, all versions starting from 16.3 before 16.3.5, and all versions starting from 16.4 before 16.4.1. It was possible for a removed project member to write to protected branches using deploy keys." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-863", "description": "CWE-863: Incorrect Authorization", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-03T06:23:15.865Z", "orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "shortName": "GitLab" }, "references": [ { "name": "GitLab Issue #416957", "tags": [ "issue-tracking" ], "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/416957" }, { "name": "HackerOne Bug Bounty Report #2041789", "tags": [ "technical-description", "exploit", "permissions-required" ], "url": "https://hackerone.com/reports/2041789" } ], "solutions": [ { "lang": "en", "value": "Upgrade to versions 16.4.1, 16.3.5, 16.2.8 or above." } ], "title": "Incorrect Authorization in GitLab" } }, "cveMetadata": { "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "assignerShortName": "GitLab", "cveId": "CVE-2023-5198", "datePublished": "2023-09-29T07:01:42.219Z", "dateReserved": "2023-09-26T10:01:49.676Z", "dateUpdated": "2024-10-03T06:23:15.865Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.