CVE-2023-1710
Published Apr 5, 2023
Last updated 2 years ago
Overview
- Description
- A sensitive information disclosure vulnerability in GitLab affecting all versions from 15.0 prior to 15.8.5, 15.9 prior to 15.9.4 and 15.10 prior to 15.10.1 allows an attacker to view the count of internal notes for a given issue.
- Source
- cve@gitlab.com
- NVD status
- Analyzed
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 5.3
- Impact score
- 1.4
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
- Severity
- MEDIUM
Weaknesses
- nvd@nist.gov
- NVD-CWE-noinfo
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"vulnerable": true,
"matchCriteriaId": "674B9329-1779-40F7-97EF-B49DC0506B50",
"versionEndExcluding": "15.8.5",
"versionStartIncluding": "15.0.0"
},
{
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2DA9CDF4-F3AE-41DA-A39A-FB2AA887CB53",
"versionEndExcluding": "15.8.5",
"versionStartIncluding": "15.0.0"
},
{
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"vulnerable": true,
"matchCriteriaId": "130F61DA-5561-49A8-8024-88D12819F2E1",
"versionEndExcluding": "15.9.4",
"versionStartIncluding": "15.9.0"
},
{
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E10FDADF-D6E5-402E-8834-F9BD274FBE2D",
"versionEndExcluding": "15.9.4",
"versionStartIncluding": "15.9.0"
},
{
"criteria": "cpe:2.3:a:gitlab:gitlab:15.10.0:*:*:*:community:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7803BD85-A126-49E0-8DEC-3D0E98A0CAE1"
},
{
"criteria": "cpe:2.3:a:gitlab:gitlab:15.10.0:*:*:*:enterprise:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7D831DA8-EE49-41A1-AE77-E8B51E8458A4"
}
],
"operator": "OR"
}
]
}
]