Lucene search
Ubuntu.comUB:CVE-2023-2069HistoryMay 03, 2023 - 12:00 a.m.
CVE-2023-2069
2023-05-0300:00:00
ubuntu.com
ubuntu.com
12
gitlab
import project
ci/cd variables
security issue
vulnerability
CVSS3
6.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
50.4%
An issue has been discovered in GitLab affecting all versions starting from
10.0 before 12.9.8, all versions starting from 12.10 before 12.10.7, all
versions starting from 13.0 before 13.0.1. A user with the role of
developer could use the import project feature to leak CI/CD variables.
References
Related
debiancve
debiancve
CVE-2023-2069
2023-05-03 21:15:21
veracode
veracode
Information Disclosure
2023-08-06 09:23:49
nvd
nvd
CVE-2023-2069
2023-05-03 21:15:21
nessus
nessus
osv
osv
BIT-gitlab-2023-2069
2024-03-06 11:09:40
CVE-2023-2069
2023-05-03 21:15:21
cve
cve
CVE-2023-2069
2023-05-03 21:15:21
prion
prion
Design/Logic Flaw
2023-05-03 21:15:00
cvelist
cvelist
CVE-2023-2069
2023-05-03 00:00:00
freebsd
freebsd
Gitlab -- Multiple Vulnerabilities
2023-05-02 00:00:00
CVSS3
6.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
50.4%
Related for UB:CVE-2023-2069