A sensitive information disclosure vulnerability in GitLab affecting all versions from 15.0 prior to 15.8.5, 15.9 prior to 15.9.4 and 15.10 prior to 15.10.1 allows an attacker to view the count of internal notes for a given issue.
References
Link | Resource |
---|---|
https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-1710.json | Vendor Advisory |
https://gitlab.com/gitlab-org/gitlab/-/issues/388242 | Broken Link |
https://hackerone.com/reports/1829768 | Permissions Required |
Configurations
Configuration 1 (hide)
|
History
12 Apr 2023, 19:16
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.3 |
CPE | cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:* cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:* cpe:2.3:a:gitlab:gitlab:15.10.0:*:*:*:enterprise:*:*:* cpe:2.3:a:gitlab:gitlab:15.10.0:*:*:*:community:*:*:* |
|
First Time |
Gitlab
Gitlab gitlab |
|
CWE | NVD-CWE-noinfo | |
References | (MISC) https://hackerone.com/reports/1829768 - Permissions Required | |
References | (MISC) https://gitlab.com/gitlab-org/gitlab/-/issues/388242 - Broken Link | |
References | (CONFIRM) https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-1710.json - Vendor Advisory |
05 Apr 2023, 21:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-04-05 21:15
Updated : 2023-12-10 15:01
NVD link : CVE-2023-1710
Mitre link : CVE-2023-1710
CVE.ORG link : CVE-2023-1710
JSON object : View
Products Affected
gitlab
- gitlab
CWE