June 27, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Akira Ransomware – Active IOCs
April 22, 2025
ICS: Multiple Hitachi Ops Center Vulnerabilities
April 22, 2025
Akira Ransomware – Active IOCs
April 22, 2025
ICS: Multiple Hitachi Ops Center Vulnerabilities
April 22, 2025
Severity
Low
Analysis Summary
CVE-2023-5117 CVSS:3.7
GitLab could allow a remote attacker to obtain sensitive information, caused by incompatible policies. By using a direct link to the uploaded file URL, an attacker could exploit this vulnerability to obtain sensitive information.
CVE-2024-10043 CVSS:3.1
GitLab could allow a remote authenticated attacker to obtain sensitive information. By sending a specially crafted request, an attacker could exploit this vulnerability to view confidential incident title through the Wiki History Diff feature.
Impact
- Information Disclosure
Indicators of Compromise
CVE
CVE-2023-5117
CVE-2024-10043
Affected Vendors
- GitLab
Affected Products
- GitLab
Remediation
Upgrade to the latest version of GitLab, available from the GitLab Website.