An issue has been discovered in GitLab EE affecting all versions starting from 15.2 before 15.9.6, all versions starting from 15.10 before 15.10.5, all versions starting from 15.11 before 15.11.1. A malicious group member may continue to have access to the public projects of a public group even after being banned from the public group by the owner.
References
Link | Resource |
---|---|
https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0805.json | Third Party Advisory |
https://gitlab.com/gitlab-org/gitlab/-/issues/391433 | Broken Link |
https://hackerone.com/reports/1850046 | Permissions Required |
Configurations
Configuration 1 (hide)
|
History
09 May 2023, 20:54
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.1 |
References | (MISC) https://hackerone.com/reports/1850046 - Permissions Required | |
References | (CONFIRM) https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0805.json - Third Party Advisory | |
References | (MISC) https://gitlab.com/gitlab-org/gitlab/-/issues/391433 - Broken Link | |
CPE | cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:* | |
CWE | NVD-CWE-noinfo | |
First Time |
Gitlab
Gitlab gitlab |
03 May 2023, 22:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-05-03 22:15
Updated : 2023-12-10 15:01
NVD link : CVE-2023-0805
Mitre link : CVE-2023-0805
CVE.ORG link : CVE-2023-0805
JSON object : View
Products Affected
gitlab
- gitlab
CWE