GitLab Multiple Vulnerabilities
Release Date: 3 Jul 2023
RISK: Medium Risk
TYPE: Servers - Other Servers
Multiple vulnerabilities were identified in GitLab. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, remote code execution, sensitive information disclosure, data manipulation and security restriction bypass on the targeted system.
Impact
- Information Disclosure
- Remote Code Execution
- Security Restriction Bypass
- Denial of Service
- Data Manipulation
System / Technologies affected
- GitLab Community Edition (CE) versions prior to 16.1.1, 16.0.6, and 15.11.10
- GitLab Enterprise Edition (EE) versions prior to 16.1.1, 16.0.6, and 15.11.10
Solutions
Before installation of the software, please visit the vendor web-site for more details.
Apply fixes issued by the vendor:
Vulnerability Identifier
- CVE-2023-0838
- CVE-2023-1936
- CVE-2023-2190
- CVE-2023-2200
- CVE-2023-2576
- CVE-2023-2620
- CVE-2023-3102
- CVE-2023-3362
- CVE-2023-3363
- CVE-2023-3424
- CVE-2023-3444
沒有留言:
發佈留言