Lucene search
Veracode Vulnerability DatabaseVERACODE:42201HistoryAug 06, 2023 - 9:23 a.m.
Information Disclosure
2023-08-0609:23:49
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
10
gitlab
vulnerability
developer
leaks
ci/cd
variables
information disclosure
CVSS3
6.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
50.4%
gitlab is vulnerable to Information Disclosure. The vulnerability exists because a user with the role of developer could use the import project feature to leak CI/CD variables
Related
debiancve
debiancve
CVE-2023-2069
2023-05-03 21:15:21
nvd
nvd
CVE-2023-2069
2023-05-03 21:15:21
osv
osv
BIT-gitlab-2023-2069
2024-03-06 11:09:40
CVE-2023-2069
2023-05-03 21:15:21
cve
cve
CVE-2023-2069
2023-05-03 21:15:21
nessus
nessus
ubuntucve
ubuntucve
CVE-2023-2069
2023-05-03 00:00:00
prion
prion
Design/Logic Flaw
2023-05-03 21:15:00
cvelist
cvelist
CVE-2023-2069
2023-05-03 00:00:00
freebsd
freebsd
Gitlab -- Multiple Vulnerabilities
2023-05-02 00:00:00
CVSS3
6.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
50.4%
Related for VERACODE:42201