An issue has been discovered in GitLab affecting all versions starting from 16.2 before 16.2.8, all versions starting from 16.3 before 16.3.5, all versions starting from 16.4 before 16.4.1. It was possible to read the source code of a project through a fork created before changing visibility to only project members.
References
Link | Resource |
---|---|
https://gitlab.com/gitlab-org/gitlab/-/issues/416284 | Broken Link |
https://hackerone.com/reports/2027967 | Permissions Required |
Configurations
Configuration 1 (hide)
|
History
03 Oct 2023, 19:55
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:gitlab:gitlab:16.4.0:*:*:*:community:*:*:* cpe:2.3:a:gitlab:gitlab:16.4.0:*:*:*:enterprise:*:*:* cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:* cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.5 |
CWE | NVD-CWE-noinfo | |
First Time |
Gitlab
Gitlab gitlab |
|
References | (MISC) https://hackerone.com/reports/2027967 - Permissions Required | |
References | (MISC) https://gitlab.com/gitlab-org/gitlab/-/issues/416284 - Broken Link |
29 Sep 2023, 09:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-09-29 09:15
Updated : 2024-02-28 20:33
NVD link : CVE-2023-3413
Mitre link : CVE-2023-3413
CVE.ORG link : CVE-2023-3413
JSON object : View
Products Affected
gitlab
- gitlab
CWE