csaf_certbund - wid-sec-w-2024-0216

WID-SEC-W-2024-0216

Vulnerability from csaf_certbund - Published: 2024-01-25 23:00 - Updated: 2025-03-18 23:00

Summary

GitLab: Mehrere Schwachstellen

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

GitLab ist eine Webanwendung zur Versionsverwaltung für Softwareprojekte auf Basis von git.

Angriff

Ein entfernter, authentisierter Angreifer kann mehrere Schwachstellen in GitLab ausnutzen, um beliebigen Programmcode auszuführen, unbekannte Auswirkungen zu verursachen, Dateien zu manipulieren, einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.

Betroffene Betriebssysteme

- Linux - Sonstiges - UNIX - Windows

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "kritisch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "GitLab ist eine Webanwendung zur Versionsverwaltung f\u00fcr Softwareprojekte auf Basis von git.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, authentisierter Angreifer kann mehrere Schwachstellen in GitLab ausnutzen, um beliebigen Programmcode auszuf\u00fchren, unbekannte Auswirkungen zu verursachen, Dateien zu manipulieren, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux\n- Sonstiges\n- UNIX\n- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-0216 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0216.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-0216 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0216"
      },
      {
        "category": "external",
        "summary": "GitLab Critical Security Release vom 2024-01-25",
        "url": "https://about.gitlab.com/releases/2024/01/25/critical-security-release-gitlab-16-8-1-released/"
      },
      {
        "category": "external",
        "summary": "Exploit auf blog.doyensec.com vom 2025-03-18",
        "url": "https://www.reddit.com/r/netsec/comments/1je4j6r/arbitrary_file_write_cve20240402_in_gitlab_exploit/?rdt=53095"
      }
    ],
    "source_lang": "en-US",
    "title": "GitLab: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2025-03-18T23:00:00.000+00:00",
      "generator": {
        "date": "2025-03-19T09:02:49.780+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.12"
        }
      },
      "id": "WID-SEC-W-2024-0216",
      "initial_release_date": "2024-01-25T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2024-01-25T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2025-03-18T23:00:00.000+00:00",
          "number": "2",
          "summary": "Exploit aufgenommen"
        }
      ],
      "status": "final",
      "version": "2"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c16.8.1 Enterprise",
                "product": {
                  "name": "Open Source GitLab \u003c16.8.1 Enterprise",
                  "product_id": "T032340"
                }
              },
              {
                "category": "product_version",
                "name": "16.8.1 Enterprise",
                "product": {
                  "name": "Open Source GitLab 16.8.1 Enterprise",
                  "product_id": "T032340-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:gitlab:gitlab:16.8.1_enterprise"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c16.8.1 Community",
                "product": {
                  "name": "Open Source GitLab \u003c16.8.1 Community",
                  "product_id": "T032341"
                }
              },
              {
                "category": "product_version",
                "name": "16.8.1 Community",
                "product": {
                  "name": "Open Source GitLab 16.8.1 Community",
                  "product_id": "T032341-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:gitlab:gitlab:16.8.1_community"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c16.7.4 Enterprise",
                "product": {
                  "name": "Open Source GitLab \u003c16.7.4 Enterprise",
                  "product_id": "T032342"
                }
              },
              {
                "category": "product_version",
                "name": "16.7.4 Enterprise",
                "product": {
                  "name": "Open Source GitLab 16.7.4 Enterprise",
                  "product_id": "T032342-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:gitlab:gitlab:16.7.4_enterprise"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c16.7.4 Community",
                "product": {
                  "name": "Open Source GitLab \u003c16.7.4 Community",
                  "product_id": "T032343"
                }
              },
              {
                "category": "product_version",
                "name": "16.7.4 Community",
                "product": {
                  "name": "Open Source GitLab 16.7.4 Community",
                  "product_id": "T032343-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:gitlab:gitlab:16.7.4_community"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c16.6.6 Enterprise",
                "product": {
                  "name": "Open Source GitLab \u003c16.6.6 Enterprise",
                  "product_id": "T032344"
                }
              },
              {
                "category": "product_version",
                "name": "16.6.6 Enterprise",
                "product": {
                  "name": "Open Source GitLab 16.6.6 Enterprise",
                  "product_id": "T032344-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:gitlab:gitlab:16.6.6_enterprise"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c16.6.6 Community",
                "product": {
                  "name": "Open Source GitLab \u003c16.6.6 Community",
                  "product_id": "T032345"
                }
              },
              {
                "category": "product_version",
                "name": "16.6.6 Community",
                "product": {
                  "name": "Open Source GitLab 16.6.6 Community",
                  "product_id": "T032345-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:gitlab:gitlab:16.6.6_community"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c16.5.8 Enterprise",
                "product": {
                  "name": "Open Source GitLab \u003c16.5.8 Enterprise",
                  "product_id": "T032346"
                }
              },
              {
                "category": "product_version",
                "name": "16.5.8 Enterprise",
                "product": {
                  "name": "Open Source GitLab 16.5.8 Enterprise",
                  "product_id": "T032346-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:gitlab:gitlab:16.5.8_enterprise"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c16.5.8 Community",
                "product": {
                  "name": "Open Source GitLab \u003c16.5.8 Community",
                  "product_id": "T032347"
                }
              },
              {
                "category": "product_version",
                "name": "16.5.8 Community",
                "product": {
                  "name": "Open Source GitLab 16.5.8 Community",
                  "product_id": "T032347-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:gitlab:gitlab:16.5.8_community"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "GitLab"
          }
        ],
        "category": "vendor",
        "name": "Open Source"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-41056",
      "product_status": {
        "known_affected": [
          "T032346",
          "T032347",
          "T032344",
          "T032345",
          "T032342",
          "T032343",
          "T032340",
          "T032341"
        ]
      },
      "release_date": "2024-01-25T23:00:00.000+00:00",
      "title": "CVE-2023-41056"
    },
    {
      "cve": "CVE-2023-45322",
      "product_status": {
        "known_affected": [
          "T032346",
          "T032347",
          "T032344",
          "T032345",
          "T032342",
          "T032343",
          "T032340",
          "T032341"
        ]
      },
      "release_date": "2024-01-25T23:00:00.000+00:00",
      "title": "CVE-2023-45322"
    },
    {
      "cve": "CVE-2024-0402",
      "product_status": {
        "known_affected": [
          "T032346",
          "T032347",
          "T032344",
          "T032345",
          "T032342",
          "T032343",
          "T032340",
          "T032341"
        ]
      },
      "release_date": "2024-01-25T23:00:00.000+00:00",
      "title": "CVE-2024-0402"
    },
    {
      "cve": "CVE-2023-6159",
      "product_status": {
        "known_affected": [
          "T032346",
          "T032347",
          "T032344",
          "T032345",
          "T032342",
          "T032343",
          "T032340",
          "T032341"
        ]
      },
      "release_date": "2024-01-25T23:00:00.000+00:00",
      "title": "CVE-2023-6159"
    },
    {
      "cve": "CVE-2023-5933",
      "product_status": {
        "known_affected": [
          "T032346",
          "T032347",
          "T032344",
          "T032345",
          "T032342",
          "T032343",
          "T032340",
          "T032341"
        ]
      },
      "release_date": "2024-01-25T23:00:00.000+00:00",
      "title": "CVE-2023-5933"
    },
    {
      "cve": "CVE-2023-5612",
      "product_status": {
        "known_affected": [
          "T032346",
          "T032347",
          "T032344",
          "T032345",
          "T032342",
          "T032343",
          "T032340",
          "T032341"
        ]
      },
      "release_date": "2024-01-25T23:00:00.000+00:00",
      "title": "CVE-2023-5612"
    },
    {
      "cve": "CVE-2024-0456",
      "product_status": {
        "known_affected": [
          "T032344",
          "T032345",
          "T032342",
          "T032343",
          "T032340",
          "T032341"
        ]
      },
      "release_date": "2024-01-25T23:00:00.000+00:00",
      "title": "CVE-2024-0456"
    }
  ]
}

CVE-2024-0402 (GCVE-0-2024-0402)

Vulnerability from cvelistv5 – Published: 2024-01-26 01:02 – Updated: 2025-06-03 18:01

Summary

An issue has been discovered in GitLab CE/EE affecting all versions from 16.0 prior to 16.6.6, 16.7 prior to 16.7.4, and 16.8 prior to 16.8.1 which allows an authenticated user to write files to arbitrary locations on the GitLab server while creating a workspace.

Severity ?

9.9 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

CWE

CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Assigner

GitLab

References

URL

Tags

	https://about.gitlab.com/releases/2024/01/25/crit…
	https://gitlab.com/gitlab-org/gitlab/-/issues/437819	issue-tracking

Impacted products

	Vendor	Product	Version
	GitLab	GitLab	Affected: 16.0 , < 16.5.8 (semver) Affected: 16.6 , < 16.6.6 (semver) Affected: 16.7 , < 16.7.4 (semver) Affected: 16.8 , < 16.8.1 (semver) cpe:2.3:a:gitlab:gitlab::::::::

Credits

This vulnerability has been discovered internally by GitLab team member [joernchen](https://gitlab.com/joernchen)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T18:04:49.576Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://about.gitlab.com/releases/2024/01/25/critical-security-release-gitlab-16-8-1-released/"
          },
          {
            "name": "GitLab Issue #437819",
            "tags": [
              "issue-tracking",
              "x_transferred"
            ],
            "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/437819"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-0402",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-06-03T18:01:24.319017Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-06-03T18:01:33.069Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "GitLab",
          "repo": "git://git@gitlab.com:gitlab-org/gitlab.git",
          "vendor": "GitLab",
          "versions": [
            {
              "lessThan": "16.5.8",
              "status": "affected",
              "version": "16.0",
              "versionType": "semver"
            },
            {
              "lessThan": "16.6.6",
              "status": "affected",
              "version": "16.6",
              "versionType": "semver"
            },
            {
              "lessThan": "16.7.4",
              "status": "affected",
              "version": "16.7",
              "versionType": "semver"
            },
            {
              "lessThan": "16.8.1",
              "status": "affected",
              "version": "16.8",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "This vulnerability has been discovered internally by GitLab team member [joernchen](https://gitlab.com/joernchen)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue has been discovered in GitLab CE/EE affecting all versions from 16.0 prior to 16.6.6, 16.7 prior to 16.7.4, and 16.8 prior to 16.8.1 which allows an authenticated user to write files to arbitrary locations on the GitLab server while creating a workspace."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.9,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-22",
              "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-08-29T15:04:54.380Z",
        "orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
        "shortName": "GitLab"
      },
      "references": [
        {
          "url": "https://about.gitlab.com/releases/2024/01/25/critical-security-release-gitlab-16-8-1-released/"
        },
        {
          "name": "GitLab Issue #437819",
          "tags": [
            "issue-tracking"
          ],
          "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/437819"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "Upgrade to versions 16.8.1, 16.7.4, 16.6.6, 16.5.8 or above."
        }
      ],
      "title": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027) in GitLab"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
    "assignerShortName": "GitLab",
    "cveId": "CVE-2024-0402",
    "datePublished": "2024-01-26T01:02:39.052Z",
    "dateReserved": "2024-01-10T16:30:43.698Z",
    "dateUpdated": "2025-06-03T18:01:33.069Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-41056 (GCVE-0-2023-41056)

Vulnerability from cvelistv5 – Published: 2024-01-10 15:59 – Updated: 2025-06-17 14:42

Summary

Redis is an in-memory database that persists on disk. Redis incorrectly handles resizing of memory buffers which can result in integer overflow that leads to heap overflow and potential remote code execution. This issue has been patched in version 7.0.15 and 7.2.4.

Severity ?

8.1 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-762 - Mismatched Memory Management Routines
CWE-190 - Integer Overflow or Wraparound

Assigner

GitHub_M

References

URL

Tags

	https://github.com/redis/redis/security/advisorie…	x_refsource_CONFIRM
	https://github.com/redis/redis/releases/tag/7.0.15	x_refsource_MISC
	https://github.com/redis/redis/releases/tag/7.2.4	x_refsource_MISC
	https://lists.fedoraproject.org/archives/list/pac…
	https://lists.fedoraproject.org/archives/list/pac…
	https://security.netapp.com/advisory/ntap-2024022…

Impacted products

	Vendor	Product	Version
	redis	redis	Affected: >= 7.0.9, < 7.0.15 Affected: >= 7.2.0, < 7.2.4

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T18:46:11.706Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "https://github.com/redis/redis/security/advisories/GHSA-xr47-pcmx-fq2m",
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/redis/redis/security/advisories/GHSA-xr47-pcmx-fq2m"
          },
          {
            "name": "https://github.com/redis/redis/releases/tag/7.0.15",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/redis/redis/releases/tag/7.0.15"
          },
          {
            "name": "https://github.com/redis/redis/releases/tag/7.2.4",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/redis/redis/releases/tag/7.2.4"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3JTGQJ2YLYB24B72I5B5H32YIMPVSWIT/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JTWHPLC3RI67VNRDOIXLDVNC5YMYBMQN/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20240223-0003/"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-41056",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-06-17T14:41:47.275229Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-06-17T14:42:05.153Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "redis",
          "vendor": "redis",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 7.0.9, \u003c 7.0.15"
            },
            {
              "status": "affected",
              "version": "\u003e= 7.2.0, \u003c 7.2.4"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Redis is an in-memory database that persists on disk. Redis incorrectly handles resizing of memory buffers which can result in integer overflow that leads to heap overflow and potential remote code execution. This issue has been patched in version 7.0.15 and 7.2.4."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-762",
              "description": "CWE-762: Mismatched Memory Management Routines",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-190",
              "description": "CWE-190: Integer Overflow or Wraparound",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-02-23T16:05:54.365Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/redis/redis/security/advisories/GHSA-xr47-pcmx-fq2m",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/redis/redis/security/advisories/GHSA-xr47-pcmx-fq2m"
        },
        {
          "name": "https://github.com/redis/redis/releases/tag/7.0.15",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/redis/redis/releases/tag/7.0.15"
        },
        {
          "name": "https://github.com/redis/redis/releases/tag/7.2.4",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/redis/redis/releases/tag/7.2.4"
        },
        {
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3JTGQJ2YLYB24B72I5B5H32YIMPVSWIT/"
        },
        {
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JTWHPLC3RI67VNRDOIXLDVNC5YMYBMQN/"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20240223-0003/"
        }
      ],
      "source": {
        "advisory": "GHSA-xr47-pcmx-fq2m",
        "discovery": "UNKNOWN"
      },
      "title": "Redis vulnerable to integer overflow in certain payloads"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2023-41056",
    "datePublished": "2024-01-10T15:59:36.752Z",
    "dateReserved": "2023-08-22T16:57:23.934Z",
    "dateUpdated": "2025-06-17T14:42:05.153Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-45322 (GCVE-0-2023-45322)

Vulnerability from cvelistv5 – Published: 2023-10-06 00:00 – Updated: 2025-11-03 20:36

Summary

libxml2 through 2.11.5 has a use-after-free that can only occur after a certain memory allocation fails. This occurs in xmlUnlinkNode in tree.c. NOTE: the vendor's position is "I don't think these issues are critical enough to warrant a CVE ID ... because an attacker typically can't control when memory allocations fail."

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	https://gitlab.gnome.org/GNOME/libxml2/-/issues/583
	https://gitlab.gnome.org/GNOME/libxml2/-/issues/344
	http://www.openwall.com/lists/oss-security/2023/10/06/5	mailing-list

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-03T20:36:02.432Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/583"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/344"
          },
          {
            "name": "[oss-security] 20231006 CVE-2023-45322: Use-after-free in libxml2 through 2.11.5",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2023/10/06/5"
          },
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/02/msg00028.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-45322",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-19T18:12:15.161434Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-19T18:12:42.230Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "libxml2 through 2.11.5 has a use-after-free that can only occur after a certain memory allocation fails. This occurs in xmlUnlinkNode in tree.c. NOTE: the vendor\u0027s position is \"I don\u0027t think these issues are critical enough to warrant a CVE ID ... because an attacker typically can\u0027t control when memory allocations fail.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-10-06T23:06:15.711Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/583"
        },
        {
          "url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/344"
        },
        {
          "name": "[oss-security] 20231006 CVE-2023-45322: Use-after-free in libxml2 through 2.11.5",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2023/10/06/5"
        }
      ],
      "tags": [
        "disputed"
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2023-45322",
    "datePublished": "2023-10-06T00:00:00.000Z",
    "dateReserved": "2023-10-06T00:00:00.000Z",
    "dateUpdated": "2025-11-03T20:36:02.432Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2024-0456 (GCVE-0-2024-0456)

Vulnerability from cvelistv5 – Published: 2024-01-26 01:02 – Updated: 2025-05-29 15:17

Summary

An authorization vulnerability exists in GitLab versions 14.0 prior to 16.6.6, 16.7 prior to 16.7.4, and 16.8 prior to 16.8.1. An unauthorized attacker is able to assign arbitrary users to MRs that they created within the project

Severity ?

4.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

CWE

CWE-425 - Direct Request ('Forced Browsing')

Assigner

GitLab

References

URL

Tags

	https://about.gitlab.com/releases/2024/01/25/crit…
	https://gitlab.com/gitlab-org/gitlab/-/issues/430726	issue-tracking

Impacted products

	Vendor	Product	Version
	GitLab	GitLab	Affected: 14.0 , < 16.6.6 (semver) Affected: 16.7 , < 16.7.4 (semver) Affected: 16.8 , < 16.8.1 (semver) cpe:2.3:a:gitlab:gitlab::::::::

Credits

Thanks to [Niklas](https://gitlab.com/Taucher2003) for reporting this vulnerability

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T18:04:49.813Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://about.gitlab.com/releases/2024/01/25/critical-security-release-gitlab-16-8-1-released/"
          },
          {
            "name": "GitLab Issue #430726",
            "tags": [
              "issue-tracking",
              "x_transferred"
            ],
            "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/430726"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-0456",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-05-08T15:52:46.854334Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-05-29T15:17:26.228Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "GitLab",
          "repo": "git://git@gitlab.com:gitlab-org/gitlab.git",
          "vendor": "GitLab",
          "versions": [
            {
              "lessThan": "16.6.6",
              "status": "affected",
              "version": "14.0",
              "versionType": "semver"
            },
            {
              "lessThan": "16.7.4",
              "status": "affected",
              "version": "16.7",
              "versionType": "semver"
            },
            {
              "lessThan": "16.8.1",
              "status": "affected",
              "version": "16.8",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Thanks to [Niklas](https://gitlab.com/Taucher2003) for reporting this vulnerability"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An authorization vulnerability exists in GitLab versions 14.0 prior to 16.6.6, 16.7 prior to 16.7.4, and 16.8 prior to 16.8.1. An unauthorized attacker is able to assign arbitrary users to MRs that they created within the project"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-425",
              "description": "CWE-425: Direct Request (\u0027Forced Browsing\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-10-15T22:56:39.536Z",
        "orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
        "shortName": "GitLab"
      },
      "references": [
        {
          "url": "https://about.gitlab.com/releases/2024/01/25/critical-security-release-gitlab-16-8-1-released/"
        },
        {
          "name": "GitLab Issue #430726",
          "tags": [
            "issue-tracking"
          ],
          "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/430726"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "Upgrade to versions 16.8.1, 16.7.4, 16.6.6 or above"
        }
      ],
      "title": "Direct Request (\u0027Forced Browsing\u0027) in GitLab"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
    "assignerShortName": "GitLab",
    "cveId": "CVE-2024-0456",
    "datePublished": "2024-01-26T01:02:43.953Z",
    "dateReserved": "2024-01-12T08:02:33.279Z",
    "dateUpdated": "2025-05-29T15:17:26.228Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-5933 (GCVE-0-2023-5933)

Vulnerability from cvelistv5 – Published: 2024-01-26 01:02 – Updated: 2025-11-20 04:10

Summary

An issue has been discovered in GitLab CE/EE affecting all versions after 13.7 before 16.6.6, 16.7 prior to 16.7.4, and 16.8 prior to 16.8.1. Improper input sanitization of user name allows arbitrary API PUT requests.

Severity ?

6.4 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N

CWE

CWE-80 - Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)

Assigner

GitLab

References

URL

Tags

	https://about.gitlab.com/releases/2024/01/25/crit…
	https://gitlab.com/gitlab-org/gitlab/-/issues/430236	issue-tracking
	https://hackerone.com/reports/2225710	technical-descriptionexploitpermissions-required

Impacted products

	Vendor	Product	Version
	GitLab	GitLab	Affected: 13.7 , < 16.6.6 (semver) Affected: 16.7 , < 16.7.4 (semver) Affected: 16.8 , < 16.8.1 (semver) cpe:2.3:a:gitlab:gitlab::::::::

Credits

Thanks [yvvdwf](https://hackerone.com/yvvdwf) for reporting this vulnerability through our HackerOne bug bounty program

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T08:14:25.134Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://about.gitlab.com/releases/2024/01/25/critical-security-release-gitlab-16-8-1-released/"
          },
          {
            "name": "GitLab Issue #430236",
            "tags": [
              "issue-tracking",
              "x_transferred"
            ],
            "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/430236"
          },
          {
            "name": "HackerOne Bug Bounty Report #2225710",
            "tags": [
              "technical-description",
              "exploit",
              "x_transferred"
            ],
            "url": "https://hackerone.com/reports/2225710"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-5933",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-13T15:00:09.174638Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-13T15:00:22.845Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "GitLab",
          "repo": "git://git@gitlab.com:gitlab-org/gitlab.git",
          "vendor": "GitLab",
          "versions": [
            {
              "lessThan": "16.6.6",
              "status": "affected",
              "version": "13.7",
              "versionType": "semver"
            },
            {
              "lessThan": "16.7.4",
              "status": "affected",
              "version": "16.7",
              "versionType": "semver"
            },
            {
              "lessThan": "16.8.1",
              "status": "affected",
              "version": "16.8",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Thanks [yvvdwf](https://hackerone.com/yvvdwf) for reporting this vulnerability through our HackerOne bug bounty program"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue has been discovered in GitLab CE/EE affecting all versions after 13.7 before 16.6.6, 16.7 prior to 16.7.4, and 16.8 prior to 16.8.1. Improper input sanitization of user name allows arbitrary API PUT requests."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-80",
              "description": "CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-11-20T04:10:58.262Z",
        "orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
        "shortName": "GitLab"
      },
      "references": [
        {
          "url": "https://about.gitlab.com/releases/2024/01/25/critical-security-release-gitlab-16-8-1-released/"
        },
        {
          "name": "GitLab Issue #430236",
          "tags": [
            "issue-tracking"
          ],
          "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/430236"
        },
        {
          "name": "HackerOne Bug Bounty Report #2225710",
          "tags": [
            "technical-description",
            "exploit",
            "permissions-required"
          ],
          "url": "https://hackerone.com/reports/2225710"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "Upgrade to versions 16.8.1, 16.7.4, 16.6.6 or above."
        }
      ],
      "title": "Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) in GitLab"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
    "assignerShortName": "GitLab",
    "cveId": "CVE-2023-5933",
    "datePublished": "2024-01-26T01:02:58.931Z",
    "dateReserved": "2023-11-02T15:01:52.148Z",
    "dateUpdated": "2025-11-20T04:10:58.262Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2023-6159 (GCVE-0-2023-6159)

Vulnerability from cvelistv5 – Published: 2024-01-26 02:02 – Updated: 2025-11-20 04:11

Summary

An issue has been discovered in GitLab CE/EE affecting all versions from 12.7 prior to 16.6.6, 16.7 prior to 16.7.4, and 16.8 prior to 16.8.1 It was possible for an attacker to trigger a Regular Expression Denial of Service via a `Cargo.toml` containing maliciously crafted input.

Severity ?

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-1333 - Inefficient Regular Expression Complexity

Assigner

GitLab

References

URL

Tags

	https://about.gitlab.com/releases/2024/01/25/crit…
	https://gitlab.com/gitlab-org/gitlab/-/issues/431924	issue-tracking
	https://hackerone.com/reports/2251278	technical-descriptionexploitpermissions-required

Impacted products

	Vendor	Product	Version
	GitLab	GitLab	Affected: 12.7 , < 16.6.6 (semver) Affected: 16.7 , < 16.7.4 (semver) Affected: 16.8 , < 16.8.1 (semver) cpe:2.3:a:gitlab:gitlab::::::::

Credits

Thanks [yvvdwf](https://hackerone.com/yvvdwf) for reporting this vulnerability through our HackerOne bug bounty program

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T08:21:17.706Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://about.gitlab.com/releases/2024/01/25/critical-security-release-gitlab-16-8-1-released/"
          },
          {
            "name": "GitLab Issue #431924",
            "tags": [
              "issue-tracking",
              "x_transferred"
            ],
            "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/431924"
          },
          {
            "name": "HackerOne Bug Bounty Report #2251278",
            "tags": [
              "technical-description",
              "exploit",
              "x_transferred"
            ],
            "url": "https://hackerone.com/reports/2251278"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-6159",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-02-21T16:56:36.041200Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-06-09T20:45:42.206Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "GitLab",
          "repo": "git://git@gitlab.com:gitlab-org/gitlab.git",
          "vendor": "GitLab",
          "versions": [
            {
              "lessThan": "16.6.6",
              "status": "affected",
              "version": "12.7",
              "versionType": "semver"
            },
            {
              "lessThan": "16.7.4",
              "status": "affected",
              "version": "16.7",
              "versionType": "semver"
            },
            {
              "lessThan": "16.8.1",
              "status": "affected",
              "version": "16.8",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Thanks [yvvdwf](https://hackerone.com/yvvdwf) for reporting this vulnerability through our HackerOne bug bounty program"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue has been discovered in GitLab CE/EE affecting all versions from 12.7 prior to 16.6.6, 16.7 prior to 16.7.4, and 16.8 prior to 16.8.1 It was possible for an attacker to trigger a Regular Expression Denial of Service via a `Cargo.toml` containing maliciously crafted input."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1333",
              "description": "CWE-1333: Inefficient Regular Expression Complexity",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-11-20T04:11:18.264Z",
        "orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
        "shortName": "GitLab"
      },
      "references": [
        {
          "url": "https://about.gitlab.com/releases/2024/01/25/critical-security-release-gitlab-16-8-1-released/"
        },
        {
          "name": "GitLab Issue #431924",
          "tags": [
            "issue-tracking"
          ],
          "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/431924"
        },
        {
          "name": "HackerOne Bug Bounty Report #2251278",
          "tags": [
            "technical-description",
            "exploit",
            "permissions-required"
          ],
          "url": "https://hackerone.com/reports/2251278"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "Upgrade to versions 16.8.1, 16.7.4, 16.6.6 or above."
        }
      ],
      "title": "Inefficient Regular Expression Complexity in GitLab"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
    "assignerShortName": "GitLab",
    "cveId": "CVE-2023-6159",
    "datePublished": "2024-01-26T02:02:29.909Z",
    "dateReserved": "2023-11-15T18:00:57.865Z",
    "dateUpdated": "2025-11-20T04:11:18.264Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2023-5612 (GCVE-0-2023-5612)

Vulnerability from cvelistv5 – Published: 2024-01-26 02:02 – Updated: 2025-11-20 04:10

Summary

An issue has been discovered in GitLab affecting all versions before 16.6.6, 16.7 prior to 16.7.4, and 16.8 prior to 16.8.1. It was possible to read the user email address via tags feed although the visibility in the user profile has been disabled.

Severity ?

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CWE

CWE-862 - Missing Authorization

Assigner

GitLab

References

URL

Tags

	https://about.gitlab.com/releases/2024/01/25/crit…
	https://gitlab.com/gitlab-org/gitlab/-/issues/428441	issue-trackingpermissions-required
	https://hackerone.com/reports/2208790	technical-descriptionexploitpermissions-required

Impacted products

	Vendor	Product	Version
	GitLab	GitLab	Affected: 0 , < 16.6.6 (semver) Affected: 16.7 , < 16.7.4 (semver) Affected: 16.8 , < 16.8.1 (semver) cpe:2.3:a:gitlab:gitlab::::::::

Credits

Thanks [erruqill](https://hackerone.com/erruqill) for reporting this vulnerability through our HackerOne bug bounty program

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T08:07:32.101Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://about.gitlab.com/releases/2024/01/25/critical-security-release-gitlab-16-8-1-released/"
          },
          {
            "name": "GitLab Issue #428441",
            "tags": [
              "issue-tracking",
              "permissions-required",
              "x_transferred"
            ],
            "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/428441"
          },
          {
            "name": "HackerOne Bug Bounty Report #2208790",
            "tags": [
              "technical-description",
              "exploit",
              "x_transferred"
            ],
            "url": "https://hackerone.com/reports/2208790"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:gitlab:gitlab:-:*:*:*:-:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "gitlab",
            "vendor": "gitlab",
            "versions": [
              {
                "lessThan": "16.6.6",
                "status": "affected",
                "version": "0",
                "versionType": "semver"
              },
              {
                "lessThan": "16.7.4",
                "status": "affected",
                "version": "16.7",
                "versionType": "semver"
              },
              {
                "lessThan": "16.8.1",
                "status": "affected",
                "version": "16.8",
                "versionType": "semver"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-5612",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-01-29T18:55:24.572021Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-18T15:14:36.475Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "GitLab",
          "repo": "git://git@gitlab.com:gitlab-org/gitlab.git",
          "vendor": "GitLab",
          "versions": [
            {
              "lessThan": "16.6.6",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThan": "16.7.4",
              "status": "affected",
              "version": "16.7",
              "versionType": "semver"
            },
            {
              "lessThan": "16.8.1",
              "status": "affected",
              "version": "16.8",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Thanks [erruqill](https://hackerone.com/erruqill) for reporting this vulnerability through our HackerOne bug bounty program"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue has been discovered in GitLab affecting all versions before 16.6.6, 16.7 prior to 16.7.4, and 16.8 prior to 16.8.1. It was possible to read the user email address via tags feed although the visibility in the user profile has been disabled."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-862",
              "description": "CWE-862: Missing Authorization",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-11-20T04:10:48.267Z",
        "orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
        "shortName": "GitLab"
      },
      "references": [
        {
          "url": "https://about.gitlab.com/releases/2024/01/25/critical-security-release-gitlab-16-8-1-released/"
        },
        {
          "name": "GitLab Issue #428441",
          "tags": [
            "issue-tracking",
            "permissions-required"
          ],
          "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/428441"
        },
        {
          "name": "HackerOne Bug Bounty Report #2208790",
          "tags": [
            "technical-description",
            "exploit",
            "permissions-required"
          ],
          "url": "https://hackerone.com/reports/2208790"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "Upgrade to versions 16.8.1, 16.7.4, 16.6.6 or above."
        }
      ],
      "title": "Missing Authorization in GitLab"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
    "assignerShortName": "GitLab",
    "cveId": "CVE-2023-5612",
    "datePublished": "2024-01-26T02:02:39.783Z",
    "dateReserved": "2023-10-17T11:30:31.181Z",
    "dateUpdated": "2025-11-20T04:10:48.267Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

WID-SEC-W-2024-0216

CVE-2024-0402 (GCVE-0-2024-0402)

CVE-2023-41056 (GCVE-0-2023-41056)

CVE-2023-45322 (GCVE-0-2023-45322)

CVE-2024-0456 (GCVE-0-2024-0456)

CVE-2023-5933 (GCVE-0-2023-5933)

CVE-2023-6159 (GCVE-0-2023-6159)

CVE-2023-5612 (GCVE-0-2023-5612)

Tags

Sightings

Nomenclature