Lucene search
HistoryJan 12, 2023 - 4:15 a.m.
CVE-2023-0042
gitlab
redirection
arbitrary protocols
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
AI Score
6
Confidence
High
EPSS
0.001
Percentile
32.5%
An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.4 prior to 15.5.7, 15.6 prior to 15.6.4, and 15.7 prior to 15.7.2. GitLab Pages allows redirection to arbitrary protocols.
Affected configurations
Node
gitlabgitlabRange11.4.0–15.5.7community
ORgitlabgitlabRange11.4.0–15.5.7enterprise
ORgitlabgitlabRange15.6.0–15.6.4community
ORgitlabgitlabRange15.6.0–15.6.4enterprise
ORgitlabgitlabRange15.7.0–15.7.2community
ORgitlabgitlabRange15.7.0–15.7.2enterprise
Related
nessus
nessus
osv
osv
CVE-2023-0042
2023-01-12 04:15:10
BIT-gitlab-2023-0042
2024-03-06 11:12:46
veracode
veracode
Open Redirect
2023-08-06 23:57:37
prion
prion
Code injection
2023-01-12 04:15:00
cvelist
cvelist
CVE-2023-0042
2023-01-12 00:00:00
cve
cve
CVE-2023-0042
2023-01-12 04:15:10
ubuntucve
ubuntucve
CVE-2023-0042
2023-01-12 00:00:00
debiancve
debiancve
CVE-2023-0042
2023-01-12 04:15:10
freebsd
freebsd
Gitlab -- Multiple Vulnerabilities
2023-01-09 00:00:00
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
AI Score
6
Confidence
High
EPSS
0.001
Percentile
32.5%
Related for NVD:CVE-2023-0042