
Rewterz Threat Advisory – Multiple Gitlab Vulnerabilities

Severity

Medium

Analysis Summary

CVE-2023-1555 CVSS:2.7

GitLab could allow a remote authenticated attacker to bypass security restrictions, caused by improper permission validation. By sending a specially crafted request, an attacker could exploit this vulnerability to access an API they are not authorized to use.

CVE-2023-0120 CVSS:3.5

GitLab could allow a remote authenticated attacker to bypass security restrictions, caused by improper permission validation. By sending a specially crafted request, an attacker could exploit this vulnerability to edit label descriptions.

CVE-2023-1279 CVSS:3.5

GitLab could allow a remote authenticated attacker to conduct phishing attacks, caused by an open redirect vulnerability. An attacker could exploit this vulnerability by sending a victim a specially crafted URL that redirects them to an arbitrary website.

CVE-2023-4647 CVSS:5.3

GitLab is vulnerable to a denial of service, caused by a flaw in the pagination of the projects API. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service.

CVE-2023-3205 CVSS:6.5

GitLab is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) condition in the bulk import API. By sending a specially crafted request, a remote attacker could exploit this vulnerability to tie up server CPU and cause a denial of service.

CVE-2023-4018 CVSS:4.3

GitLab could allow a remote authenticated attacker to bypass security restrictions, caused by improper permission validation. By sending a specially crafted request, an attacker could exploit this vulnerability to create model experiments in public projects.

CVE-2023-4638 CVSS:4.3

GitLab could allow a remote authenticated attacker to bypass security restrictions, caused by improper permission validation. By sending a specially crafted request, an attacker could exploit this vulnerability to fork a project outside of its current group, which they are not authorized to do.

CVE-2022-4343 CVSS:5.0

GitLab could allow a remote authenticated attacker to obtain sensitive information. By sending a specially crafted request, an attacker could exploit this vulnerability to leak credentials stored in a site profile.

CVE-2023-4630 CVSS:5.0

GitLab could allow a remote authenticated attacker to obtain sensitive information, caused by a flaw in the project import endpoint. By sending a specially crafted request, an attacker could exploit this vulnerability to read limited information about any project's imports.

CVE-2023-3950 CVSS:5.5

GitLab could allow a remote authenticated attacker to obtain sensitive information, caused by a flaw in the GitLab UI. By changing the configured URL, an attacker could exploit this vulnerability to view the public key of a Google Cloud Logging audit event streaming destination.

CVE-2023-4378 CVSS:5.5

GitLab could allow a remote authenticated attacker to obtain sensitive information. By changing the configured URL, an attacker could exploit this vulnerability to view information that should not be exposed to them.

CVE-2023-3915 CVSS:6.5

GitLab could allow a remote authenticated attacker to gain elevated privileges. An attacker who can create a service account in a group could exploit this vulnerability to escalate privileges.

Impact

  • Privilege Escalation
  • Security Bypass
  • Information Disclosure
  • Denial of Service

Indicators Of Compromise

CVE

  • CVE-2023-1555
  • CVE-2023-0120
  • CVE-2023-1279
  • CVE-2023-4647
  • CVE-2023-3205
  • CVE-2023-4018
  • CVE-2023-4638
  • CVE-2022-4343
  • CVE-2023-4630
  • CVE-2023-3950
  • CVE-2023-4378
  • CVE-2023-3915

Affected Vendors

GitLab

Affected Products

  • GitLab Community Edition 16.1.4
  • GitLab Community Edition 16.2.4
  • GitLab Community Edition 16.3.0
  • GitLab Enterprise Edition 16.1.4
  • GitLab Enterprise Edition 16.2.4
  • GitLab Enterprise Edition 16.3.0

Remediation

Refer to the GitLab website for patch, upgrade, or suggested workaround information.
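The following script is an added example for this advisory; it is not Rewterz's or GitLab's own tooling. It classifies a GitLab instance's reported version against the three releases listed under Affected Products. The version is read from the real GET /api/v4/version endpoint (which requires a personal access token), but the offline check below runs on a constructed response instead. The script assumes, which the advisory does not spell out, that each listed version is the last unpatched release on its 16.x branch, so a higher patch level on the same branch is fixed and a newer branch shipped with the fixes; branches older than 16.1 are reported as unknown rather than assumed safe.

```python
# Added example (not from the Rewterz advisory or from GitLab): classify a GitLab
# instance's reported version against the releases this advisory lists as affected.
import json
import re
import urllib.request
from typing import Dict, Iterable, Tuple

# Versions from the "Affected Products" list above; CE and EE share version numbers.
ADVISORY_AFFECTED = ("16.1.4", "16.2.4", "16.3.0")

_VERSION_RE = re.compile(r"^\s*(\d+)\.(\d+)\.(\d+)")


def parse_version(text: str) -> Tuple[int, int, int]:
    """Reduce a GitLab version string such as '16.3.0-ee' to (major, minor, patch).

    Suffixes like '-ee' or '-pre' are ignored: the fix level is carried by the
    numeric part alone.
    """
    match = _VERSION_RE.match(text)
    if match is None:
        raise ValueError(f"unrecognised GitLab version string: {text!r}")
    major, minor, patch = (int(part) for part in match.groups())
    return major, minor, patch


def version_from_response(body: str) -> str:
    """Pull the 'version' field out of the JSON body returned by GET /api/v4/version."""
    return json.loads(body)["version"]


def assess(running: str, affected: Iterable[str] = ADVISORY_AFFECTED) -> str:
    """Return 'affected', 'patched' or 'unknown' for the running version.

    Assumptions (the advisory does not state them explicitly):
      * each listed version is the last unpatched release on its branch, so a
        lower patch level on that branch is affected and a higher one is fixed;
      * branches newer than the newest listed one shipped with the fixes;
      * branches older than the oldest listed one are outside the table and are
        reported as 'unknown' rather than assumed safe.
    """
    major, minor, patch = parse_version(running)
    branches: Dict[Tuple[int, int], int] = {}
    for entry in affected:
        a_major, a_minor, a_patch = parse_version(entry)
        branches[(a_major, a_minor)] = a_patch
    if (major, minor) in branches:
        return "affected" if patch <= branches[(major, minor)] else "patched"
    if (major, minor) > max(branches):
        return "patched"
    return "unknown"


def fetch_version(base_url: str, token: str, timeout: float = 10.0) -> str:
    """Query GET /api/v4/version on a live instance (needs a personal access token).

    Not exercised below; the offline check uses a constructed response instead.
    """
    request = urllib.request.Request(
        base_url.rstrip("/") + "/api/v4/version",
        headers={"PRIVATE-TOKEN": token},
    )
    with urllib.request.urlopen(request, timeout=timeout) as resp:
        return version_from_response(resp.read().decode("utf-8"))


# Constructed sample response, shaped like the real endpoint's output; the
# revision value is made up for this example.
SAMPLE_RESPONSE = '{"version": "16.3.0-ee", "revision": "0123456789a"}'


def check_sample() -> str:
    """Run the assessment over the constructed sample response."""
    return assess(version_from_response(SAMPLE_RESPONSE))


if __name__ == "__main__":
    reported = version_from_response(SAMPLE_RESPONSE)
    print(f"sample instance reports {reported}: {check_sample()}")
```

To run it against a real instance, call `fetch_version("https://gitlab.example.com", token)` with a token that can read the version endpoint and pass the result to `assess`; an "unknown" result means the instance is on a branch this advisory's table does not cover and should be checked against GitLab's own release notes.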