An issue has been discovered in GitLab affecting all versions starting from 10.6 before 16.1.5, all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1 in which any user can read limited information about any project's imports.
References
Link | Resource |
---|---|
https://about.gitlab.com/releases/2023/08/31/security-release-gitlab-16-3-1-released/ | Vendor Advisory |
https://gitlab.com/gitlab-org/gitlab/-/issues/415117 | Broken Link |
Configurations
Configuration 1 (hide)
|
History
13 Sep 2023, 16:50
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:gitlab:gitlab:16.3.0:*:*:*:community:*:*:* cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:* cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:* cpe:2.3:a:gitlab:gitlab:16.3.0:*:*:*:enterprise:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 4.3 |
First Time |
Gitlab gitlab
Gitlab |
|
CWE | NVD-CWE-noinfo | |
References |
|
|
References | (MISC) https://gitlab.com/gitlab-org/gitlab/-/issues/415117 - Broken Link |
11 Sep 2023, 14:26
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-09-11 14:15
Updated : 2023-12-10 15:14
NVD link : CVE-2023-4630
Mitre link : CVE-2023-4630
CVE.ORG link : CVE-2023-4630
JSON object : View
Products Affected
gitlab
- gitlab
CWE