CVSS3
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: HIGH
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
Percentile: 30.4%
GitLab reports:
Privilege escalation of “external user” to internal access through group service account
Maintainer can leak sentry token by changing the configured URL (fix bypass)
Google Cloud Logging private key showed in plain text in GitLab UI leaking to other group owners
Information disclosure via project import endpoint
Developer can leak DAST scanners “Site Profile” request headers and auth password
Project forking outside current group
User is capable of creating Model experiment and updating existing run’s status in public project
ReDoS in bulk import API
Pagination for Branches and Tags can be skipped leading to DoS
Internal Open Redirection Due to Improper handling of “…/” characters
Subgroup Member With Reporter Role Can Edit Group Labels
Banned user can delete package registries