Lucene search

PRIOn knowledge basePRION:CVE-2023-0326

HistoryMar 27, 2023 - 10:15 p.m.

Authorization

2023-03-2722:15:00

PRIOn knowledge base

www.prio-n.com

gitlab

dast

api scanner

authorization headers

vulnerability

nvd

4.4 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

28.1%

JSON

An issue has been discovered in GitLab DAST API scanner affecting all versions starting from 1.6.50 before 2.11.0, where Authorization headers was leaked in vulnerability report evidence.

CPENameOperatorVersion
dynamic_application_security_testing_analyzerge1.6.50
dynamic_application_security_testing_analyzerlt2.11.0

CPE	Name	Operator	Version
	dynamic_application_security_testing_analyzer	ge	1.6.50
	dynamic_application_security_testing_analyzer	lt	2.11.0

References

gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0326.json

gitlab.com/gitlab-org/gitlab/-/issues/388132

hackerone.com/reports/1826896