CVE-2023-3906
Improper Validation of Specified Type of Input in GitLab
Severity Score
3.5
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
Track*
*SSVC
Descriptions
An input validation issue in the asset proxy in GitLab EE, affecting all versions from 12.3 prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1, allowed an authenticated attacker to craft image urls which bypass the asset proxy.
Un problema de validación de entrada en el proxy de activos en GitLab EE, que afectó a todas las versiones desde 12.3 anterior a 16.2.8, 16.3 anterior a 16.3.5 y 16.4 anterior a 16.4.1, permitió a un atacante autenticado crear URL de imágenes que omitían el activo apoderado.
*Credits:
Thanks [afewgoats](https://hackerone.com/afewgoats) for reporting this vulnerability through our HackerOne bug bounty program
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:Track*
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2023-07-25 CVE Reserved
- 2023-09-29 CVE Published
- 2024-10-03 CVE Updated
- 2024-10-05 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-20: Improper Input Validation
- CWE-1287: Improper Validation of Specified Type of Input
- CWE-1333: Inefficient Regular Expression Complexity
CAPEC
References (1)
| URL | Tag | Source |
|---|---|---|
| https://gitlab.com/gitlab-org/gitlab/-/issues/419213 | Broken Link |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Gitlab Search vendor "Gitlab" | Gitlab Search vendor "Gitlab" for product "Gitlab" | >= 12.3 < 16.2.8 Search vendor "Gitlab" for product "Gitlab" and version " >= 12.3 < 16.2.8" | community |
Affected
| ||||||
| Gitlab Search vendor "Gitlab" | Gitlab Search vendor "Gitlab" for product "Gitlab" | >= 12.3 < 16.2.8 Search vendor "Gitlab" for product "Gitlab" and version " >= 12.3 < 16.2.8" | enterprise |
Affected
| ||||||
| Gitlab Search vendor "Gitlab" | Gitlab Search vendor "Gitlab" for product "Gitlab" | >= 16.3.0 < 16.3.5 Search vendor "Gitlab" for product "Gitlab" and version " >= 16.3.0 < 16.3.5" | community |
Affected
| ||||||
| Gitlab Search vendor "Gitlab" | Gitlab Search vendor "Gitlab" for product "Gitlab" | >= 16.3.0 < 16.3.5 Search vendor "Gitlab" for product "Gitlab" and version " >= 16.3.0 < 16.3.5" | enterprise |
Affected
| ||||||
| Gitlab Search vendor "Gitlab" | Gitlab Search vendor "Gitlab" for product "Gitlab" | 16.4.0 Search vendor "Gitlab" for product "Gitlab" and version "16.4.0" | community |
Affected
| ||||||
| Gitlab Search vendor "Gitlab" | Gitlab Search vendor "Gitlab" for product "Gitlab" | 16.4.0 Search vendor "Gitlab" for product "Gitlab" and version "16.4.0" | enterprise |
Affected
| ||||||