GitLab Multiple Vulnerabilities
Release Date: 7 Jun 2023
RISK: Medium Risk
TYPE: Servers - Other Servers
Multiple vulnerabilities were identified in GitLab. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, data manipulation, elevation of privilege, sensitive information disclosure, cross-site scripting and security restriction bypass on the targeted system.
Impact
- Information Disclosure
- Cross-Site Scripting
- Security Restriction Bypass
- Denial of Service
- Data Manipulation
- Elevation of Privilege
System / Technologies affected
- GitLab Community Edition (CE) versions prior to 16.0.2, 15.11.7, and 15.10.8
- GitLab Enterprise Edition (EE) versions prior to 16.0.2, 15.11.7, and 15.10.8
Solutions
Before installation of the software, please visit the vendor web-site for more details.
Apply fixes issued by the vendor:
Vulnerability Identifier
- CVE-2023-0121
- CVE-2023-0508
- CVE-2023-0921
- CVE-2023-1204
- CVE-2023-1825
- CVE-2023-2001
- CVE-2023-2013
- CVE-2023-2015
- CVE-2023-2132
- CVE-2023-2198
- CVE-2023-2199
- CVE-2023-2442
- CVE-2023-2485
- CVE-2023-2589
沒有留言:
發佈留言