Lucene search

GoogleOSV:BIT-GITLAB-2023-2825

HistoryMar 06, 2024 - 11:07 a.m.

BIT-gitlab-2023-2825

2024-03-0611:07:04

Google

osv.dev

gitlab

vulnerability

path traversal

public project

nested groups

16.0.0

10 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N

6.5 Medium

AI Score

Confidence

Low

0.159 Low

EPSS

Percentile

96.0%

JSON

An issue has been discovered in GitLab CE/EE affecting only version 16.0.0. An unauthenticated malicious user can use a path traversal vulnerability to read arbitrary files on the server when an attachment exists in a public project nested within at least five groups.

CPENameOperatorVersion
gitlabge16.0.0
gitlable16.0.0

CPE	Name	Operator	Version
	gitlab	ge	16.0.0
	gitlab	le	16.0.0

References

gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-2825.json

gitlab.com/gitlab-org/gitlab/-/issues/412371

hackerone.com/reports/1994725

10 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N

6.5 Medium

AI Score

Confidence

Low

0.159 Low

EPSS

Percentile

96.0%

JSON

Related for OSV:BIT-GITLAB-2023-2825