CVE-2023-2825 – GitLab Authenticated File Read
https://notcve.org/view.php?id=CVE-2023-2825
An issue has been discovered in GitLab CE/EE affecting only version 16.0.0. An unauthenticated malicious user can use a path traversal vulnerability to read arbitrary files on the server when an attachment exists in a public project nested within at least five groups. • https://github.com/cc3305/CVE-2023-2825 https://github.com/Occamsec/CVE-2023-2825 https://github.com/Rubikcuv5/CVE-2023-2825 https://github.com/caopengyan/CVE-2023-2825 https://github.com/Tornad0007/CVE-2023-2825-Gitlab https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-2825.json https://gitlab.com/gitlab-org/gitlab/-/issues/412371 https://hackerone.com/reports/1994725 https://about.gitlab.com/releases/2023/05/23/critical-security-release-gitlab-16- • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •