CVSS: 6.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-1965
https://notcve.org/view.php?id=CVE-2023-1965
An issue has been discovered in GitLab EE affecting all versions starting from 14.2 before 15.9.6, all versions starting from 15.10 before 15.10.5, all versions starting from 15.11 before 15.11.1. Lack of verification on RelayState parameter allowed a maliciously crafted URL to obtain access tokens granted for 3rd party Group SAML SSO logins. This feature isn't enabled by default. • https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-1965.json https://gitlab.com/gitlab-org/gitlab/-/issues/406235 https://hackerone.com/reports/1923672 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 6.4EPSS: 0%CPEs: 3EXPL: 0CVE-2023-2069
https://notcve.org/view.php?id=CVE-2023-2069
An issue has been discovered in GitLab affecting all versions starting from 10.0 before 12.9.8, all versions starting from 12.10 before 12.10.7, all versions starting from 13.0 before 13.0.1. A user with the role of developer could use the import project feature to leak CI/CD variables. • https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-2069.json https://gitlab.com/gitlab-org/gitlab/-/issues/407374 https://hackerone.com/reports/1939987 • CWE-668: Exposure of Resource to Wrong Sphere •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-2182
https://notcve.org/view.php?id=CVE-2023-2182
An issue has been discovered in GitLab EE affecting all versions starting from 15.10 before 15.10.5, all versions starting from 15.11 before 15.11.1. Under certain conditions when OpenID Connect is enabled on an instance, it may allow users who are marked as 'external' to become 'regular' users thus leading to privilege escalation for those users. • https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-2182.json https://gitlab.com/gitlab-org/gitlab/-/issues/403012 •
CVSS: 3.7EPSS: 0%CPEs: 6EXPL: 0CVE-2022-3375
https://notcve.org/view.php?id=CVE-2022-3375
An issue has been discovered in GitLab affecting all versions starting from 11.10 before 15.8.5, all versions starting from 15.9 before 15.9.4, all versions starting from 15.10 before 15.10.1. It was possible to disclose the branch names when attacker has a fork of a project that was switched to private. • https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3375.json https://gitlab.com/gitlab-org/gitlab/-/issues/376041 https://hackerone.com/reports/1710533 •
CVSS: 6.1EPSS: 0%CPEs: 6EXPL: 0CVE-2022-3513
https://notcve.org/view.php?id=CVE-2022-3513
An issue has been discovered in GitLab affecting all versions starting from 12.8 before 15.8.5, all versions starting from 15.9 before 15.9.4, all versions starting from 15.10 before 15.10.1. A specially crafted payload could lead to a reflected XSS on the client side which allows attackers to perform arbitrary actions on behalf of victims on self-hosted instances running without strict CSP. • https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3513.json https://gitlab.com/gitlab-org/gitlab/-/issues/377970 https://hackerone.com/reports/1728015 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •