EUVD-2023-54656

🗓️ 03 Oct 2025 20:07:09Reported by EUVDType

Security issue in GitLab EE allows bypass of CODEOWNERS approval in specific version ranges.

Reporter	Title	Published	Views	Family All 20
FreeBSD	Gitlab -- vulnerabilities	11 Jan 202400:00	–	freebsd
Circl	CVE-2023-4812	12 Jan 202410:15	–	circl
CNNVD	GitLab Security Breach	12 Jan 202400:00	–	cnnvd
CVE	CVE-2023-4812	12 Jan 202413:56	–	cve
Cvelist	CVE-2023-4812 Incorrect Authorization in GitLab	12 Jan 202413:56	–	cvelist
Debian CVE	CVE-2023-4812	12 Jan 202413:56	–	debiancve
Tenable Nessus	FreeBSD : Gitlab -- vulnerabilities (4c8c2218-b120-11ee-90ec-001b217b3468)	12 Jan 202400:00	–	nessus
Tenable Nessus	GitLab 15.3 < 16.5.6 / 16.6 < 16.6.4 / 16.7 < 16.7.2 (CVE-2023-4812)	11 Jan 202400:00	–	nessus
Tenable Nessus	Linux Distros Unpatched Vulnerability : CVE-2023-4812	30 Aug 202500:00	–	nessus
NCSC	Vulnerabilities fixed in GitLab Enterprise Edition and Community Edition	12 Jan 202400:00	–	ncsc

[
  {
    "enisaIdVendor": [
      {
        "id": "abe1ad3b-48b4-3f10-b95c-950870f25bf7",
        "vendor": {
          "name": "GitLab"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "40e9a48c-c165-3978-80e6-10ca5d69a851",
        "product": {
          "name": "GitLab"
        },
        "product_version": "16.6 <16.6.4"
      },
      {
        "id": "855faf72-c721-362d-b9a8-79e08ae099b1",
        "product": {
          "name": "GitLab"
        },
        "product_version": "15.3 <16.5.6"
      },
      {
        "id": "b8cada5e-8ebe-31ea-b72c-b08d559fe26d",
        "product": {
          "name": "GitLab"
        },
        "product_version": "16.7 <16.7.2"
      }
    ]
  }
]

Source	Link
gitlab	www.gitlab.com/gitlab-org/gitlab/-/issues/424398
hackerone	www.hackerone.com/reports/2115574

03 Oct 2025 20:07Current

6.4Medium risk

Vulners AI Score6.4

CVSS 3.15.3 - 7.6

EPSS0.0001

SSVC