Multiple vulnerabilities in GitLab Community Edition (CE) and Enterprise Edition (EE)
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 14 |
| CVE-ID | CVE-2023-2442 CVE-2023-2199 CVE-2023-2198 CVE-2023-2132 CVE-2023-0121 CVE-2023-2589 CVE-2023-2015 CVE-2023-2485 CVE-2023-2001 CVE-2023-0921 CVE-2023-1204 CVE-2023-0508 CVE-2023-1825 CVE-2023-2013 |
| CWE-ID | CWE-79 CWE-185 CWE-400 CWE-200 CWE-264 CWE-451 CWE-20 CWE-284 CWE-601 CWE-203 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
Gitlab Community Edition Universal components / Libraries / Software for developers GitLab Enterprise Edition Universal components / Libraries / Software for developers |
| Vendor | GitLab, Inc |
Security Bulletin
This security bulletin contains information about 14 vulnerabilities.
1) Stored cross-site scripting
EUVDB-ID: #VU76972
Risk: Low
CVSSv3.1: 5.6 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-2442
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data. A remote user can inject and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
MitigationInstall updates from vendor's website.
Vulnerable software versionsGitlab Community Edition: 15.11.0 - 16.0.1
GitLab Enterprise Edition: 15.11.0 - 16.0.1
External linkshttp://about.gitlab.com/releases/2023/06/05/security-release-gitlab-16-0-2-released/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Incorrect Regular Expression
EUVDB-ID: #VU76974
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-2199
CWE-ID:
CWE-185 - Incorrect Regular Expression
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient input validation when processing regular expressions within the FrontMatterFilter in any Markdown fields. A remote attacker can pass specially crafted data to the application and perform regular expression denial of service (ReDos) attack.
MitigationInstall updates from vendor's website.
Vulnerable software versionsGitlab Community Edition: 12.0.0 - 16.0.1
GitLab Enterprise Edition: 12.0.0 - 16.0.1
External linkshttp://about.gitlab.com/releases/2023/06/05/security-release-gitlab-16-0-2-released/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Incorrect Regular Expression
EUVDB-ID: #VU76980
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-2198
CWE-ID:
CWE-185 - Incorrect Regular Expression
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient input validation when processing regular expressions within the InlineDiffFilter in any Markdown fields. A remote attacker can pass specially crafted data to the application and perform regular expression denial of service (ReDos) attack.
MitigationInstall updates from vendor's website.
Vulnerable software versionsGitlab Community Edition: 8.7 - 16.0.1
GitLab Enterprise Edition: 8.7.0 - 16.0.1
External linkshttp://about.gitlab.com/releases/2023/06/05/security-release-gitlab-16-0-2-released/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Incorrect Regular Expression
EUVDB-ID: #VU76988
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-2132
CWE-ID:
CWE-185 - Incorrect Regular Expression
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient input validation when processing regular expressions within the DollarMathPostFilter in Markdown fields. A remote attacker can pass specially crafted data to the application and perform regular expression denial of service (ReDos) attack.
MitigationInstall updates from vendor's website.
Vulnerable software versionsGitlab Community Edition: 15.4.0 - 16.0.1
GitLab Enterprise Edition: 15.4.0 - 16.0.1
External linkshttp://about.gitlab.com/releases/2023/06/05/security-release-gitlab-16-0-2-released/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Resource exhaustion
EUVDB-ID: #VU76991
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-0121
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to application does not properly control consumption of internal resources within the test report artifacts. A remote user can trigger resource exhaustion and perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
Vulnerable software versionsGitlab Community Edition: 13.2.4 - 16.0.1
GitLab Enterprise Edition: 13.2.4 - 16.0.1
External linkshttp://about.gitlab.com/releases/2023/06/05/security-release-gitlab-16-0-2-released/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Information disclosure
EUVDB-ID: #VU76993
Risk: Medium
CVSSv3.1: 5.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-2589
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to excessive data output by the application. A remote attacker can clone a repository from a public project, from a disallowed IP, even after the top-level group has enabled IP restrictions on the group.
MitigationInstall updates from vendor's website.
Vulnerable software versionsGitlab Community Edition: 12.0.0 - 16.0.1
GitLab Enterprise Edition: 12.0.0 - 16.0.1
External linkshttp://about.gitlab.com/releases/2023/06/05/security-release-gitlab-16-0-2-released/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Cross-site scripting
EUVDB-ID: #VU76994
Risk: Low
CVSSv3.1: 4.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-2015
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data in Report Abuse functionality. A remote user can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
MitigationInstall updates from vendor's website.
Vulnerable software versionsGitlab Community Edition: 15.8.0 - 16.0.1
GitLab Enterprise Edition: 15.8.0 - 16.0.1
External linkshttp://about.gitlab.com/releases/2023/06/05/security-release-gitlab-16-0-2-released/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU76995
Risk: Low
CVSSv3.1: 3.9 [CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-2485
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a remote user to escalate privileges on the system.
The vulnerability exists due to application does not properly impose security restrictions. A remote administrator can escalate other users to Owners in the project if they import members from another project that those other users are Owners of.
MitigationInstall updates from vendor's website.
Vulnerable software versionsGitlab Community Edition: 14.1.0 - 16.0.1
GitLab Enterprise Edition: 14.1.0 - 16.0.1
External linkshttp://about.gitlab.com/releases/2023/06/05/security-release-gitlab-16-0-2-released/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
9) Spoofing attack
EUVDB-ID: #VU76996
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-2001
CWE-ID:
CWE-451 - User Interface (UI) Misrepresentation of Critical Information (Clickjacking, spoofing)
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform spoofing attack.
The vulnerability exists due to incorrect processing of user-supplied data. A remote user can spoof protected tags, leading a victim to download malicious code.
MitigationInstall updates from vendor's website.
Vulnerable software versionsGitlab Community Edition: 0.1.5 - 16.0.1
GitLab Enterprise Edition: 6.2.0 - 16.0.1
External linkshttp://about.gitlab.com/releases/2023/06/05/security-release-gitlab-16-0-2-released/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
10) Input validation error
EUVDB-ID: #VU76997
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-0921
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input within the Issue description. A remote user can pass specially crafted input to the application and perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
Vulnerable software versionsGitlab Community Edition: 8.3 - 16.0.1
GitLab Enterprise Edition: 8.3.0 - 16.0.1
External linkshttp://about.gitlab.com/releases/2023/06/05/security-release-gitlab-16-0-2-released/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
11) Improper access control
EUVDB-ID: #VU76998
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-1204
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.
The vulnerability exists due to improper access restrictions. A remote user can use an unverified email as a public email and commit email by sending a specifically crafted request on user update settings.
MitigationInstall updates from vendor's website.
Vulnerable software versionsGitlab Community Edition: 10.1 - 16.0.1
GitLab Enterprise Edition: 10.1.0 - 16.0.1
External linkshttp://about.gitlab.com/releases/2023/06/05/security-release-gitlab-16-0-2-released/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
12) Open redirect
EUVDB-ID: #VU76999
Risk: Low
CVSSv3.1: 2.7 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-0508
CWE-ID:
CWE-601 - URL Redirection to Untrusted Site ('Open Redirect')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to redirect victims to arbitrary URL.
The vulnerability exists due to HTTP response splitting in the NPM package API. A remote attacker can create a link that leads to a trusted website, however, when clicked, redirects the victim to arbitrary domain.
Successful exploitation of this vulnerability may allow a remote attacker to perform a phishing attack and steal potentially sensitive information.
MitigationInstall updates from vendor's website.
Vulnerable software versionsGitlab Community Edition: 15.4.0 - 16.0.1
GitLab Enterprise Edition: 15.4.0 - 16.0.1
External linkshttp://about.gitlab.com/releases/2023/06/05/security-release-gitlab-16-0-2-released/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
13) Information disclosure
EUVDB-ID: #VU77000
Risk: Low
CVSSv3.1: 2.7 [CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-1825
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to excessive data output by the application when exporting a project. A remote user can gain unauthorized access to sensitive information on the system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsGitLab Enterprise Edition: 15.7.0 - 16.0.1
External linkshttp://about.gitlab.com/releases/2023/06/05/security-release-gitlab-16-0-2-released/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
14) Observable discrepancy
EUVDB-ID: #VU77001
Risk: Low
CVSSv3.1: 2.3 [CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-2013
CWE-ID:
CWE-203 - Observable discrepancy
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to Observable discrepancy. A remote user can abuse a discrepancy between the Web application display and the git command line interface to social engineer victims into cloning non-trusted code.
MitigationInstall updates from vendor's website.
Vulnerable software versionsGitlab Community Edition: 0.1.5 - 16.0.1
GitLab Enterprise Edition: 6.2.0 - 16.0.1
External linkshttp://about.gitlab.com/releases/2023/06/05/security-release-gitlab-16-0-2-released/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
